Network Email Sniffer in C#?
-
Hello... I'm in the process of writing a network analyzer in C# for an IT project. One of the project requirements is for the analyzer to report some metadata concerning Exchange-based emails that go out to the internet. Currently, I've got a simple listening socket (RAW socket) that is intercepting the network packets. The questions are: 1) Where in the IP packet (Ehternet, IP, or TCP header) can I inspect to determine that it's an Exchange-related packet and needs to be process (inspected) further. I'm pretty sure the IP packet would be of type TCP, but 2) Where in that series of bytes does it specify Exchange, the to:/from:/subject:/ etc. Is it the TCP header, IP?? 3) Is the a doable thing? I'm assuming that Exchange is using SMTP for sending the email(s). Any info would be extremely helpful... Thx, T
-
Hello... I'm in the process of writing a network analyzer in C# for an IT project. One of the project requirements is for the analyzer to report some metadata concerning Exchange-based emails that go out to the internet. Currently, I've got a simple listening socket (RAW socket) that is intercepting the network packets. The questions are: 1) Where in the IP packet (Ehternet, IP, or TCP header) can I inspect to determine that it's an Exchange-related packet and needs to be process (inspected) further. I'm pretty sure the IP packet would be of type TCP, but 2) Where in that series of bytes does it specify Exchange, the to:/from:/subject:/ etc. Is it the TCP header, IP?? 3) Is the a doable thing? I'm assuming that Exchange is using SMTP for sending the email(s). Any info would be extremely helpful... Thx, T
What if you used a program called Ethereal to capture the traffic you want to sniff. Figure out what trigger you are looking for and then program that into your project? Ethereal can get very detailed and can show you where the data is in the packets you are looking for. It parses out the data automatically based on what protocol it's sent and can show you the raw data if you need to see it.