Hi, I am trying to capture email packets on my wired network but i dont get any. But alot of other network traffic is captured. The email client is hotmail. What might be the problem? :( asked 11 Apr '13, 02:36  Metall |
One Answer:
Hotmail would mean that you access your email by web browser, which would mean that the data is transported via HTTP, not POP/IMAP, in case you're expecting these two protocols. Most likely Hotmail pages are also HTTPS, which means they're encrypted and non-readable unless you try to decrypt them. What kind of traffic DO you see? answered 11 Apr '13, 02:41  Jasper ♦♦ showing 5 of 6 show 1 more comments |
Because I saw a tutorial where this guy could see a packet called "POST" but when I do the same thing by sending an email to my self i don't see it. And I try to see this POST packet.
I can see HTTP, TCP, ARP, TLS, NBNS, SSDP AND IGMP packets
Do you connect to https://www.hotmail.com or to https://outlook.com (the successor of hotmail)? If so, think about the consequences for packet capturing ;-)
I connected to https://www.hotmail.com. But do this mean that I am not able to see the packets that runs over SSL?
Correct, SSL traffic is (usually) encrypted. So, unless you can persuade the folks at Hotmail to hand over the private key they use for their SSL connections you won't be able to decrypt the data.
But shouldn't I be able just to see the packet? Even though they are encrypted?
No, you will see the packet, but you can't decipher the payload as it is encrypted. As you mentioned TLS, I guess those are the Hotmail packets (TLS is the successor of SSL).