|
I would like to monitor the email traffic in and
out of our network to make sure that no one is using the incorrect ports.
I need this information as I would like to setup a firewall rule that would only
allow traffic to and from one specific server. I think I have found the
answer to this question but so far no information has been captured yet.
When I start the capture and in the display filter
I am using "pop or smtp" as the _expression_ which should tell me when there is
that type of traffic. Is this the correct way of doing this or is there a
better way.
thanks for the help.
Mike
|