This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Telnet from cmd line to ip address 25

0

New to wireshark :} When I do a telnet fqdn 25 - I see the traffic on port 587 and not 25. I thought that I should be able to see the traffic destinated for port 25 being "redirected" to 587. But I do not. The first packet from my machine is to port 587 ? I am not understanding this.

asked 07 Feb '13, 06:09

mdcowboy's gravatar image

mdcowboy
11112
accept rate: 0%

Why do you expect a redirect to port 587 at all? A "telnet nameofhost 25" should always lead to a SYN being sent to port 25, at least if you're talking about the standard windows telnet program...

Do you have some sort of redirection software running, or why do you think that oyu should be able to see traffic for port 25 being "redirected"?

(07 Feb '13, 06:15) Jasper ♦♦

TX- I expect to see dst port of 25. I am using the standard windows telnet program. I know that port 587 is also open to the dest addr.

(07 Feb '13, 06:18) mdcowboy

When I do a telnet fqdn 25
The first packet from my machine is to port 587 ? I am not understanding this.

That sounds strange.

  • Did you capture on the same machine where you ran telnet?
  • Can you post a capture file somewhere (google docs, cloudshark.org, etc.)?
(07 Feb '13, 16:34) Kurt Knochner ♦

One Answer:

0

I just did what you did: running telnet ip-address 25 and captured it with Wireshark on the same PC (which results to broken checksums, don't worry, that's normal). Result can be seen here:

http://www.cloudshark.org/captures/21904d613ef7

This is how it should look like for you, too. If it doesn't, something is going wrong.

P.S: smtp command & control by console. Oldschool! :-)

answered 07 Feb '13, 06:31

Jasper's gravatar image

Jasper ♦♦
23.8k551284
accept rate: 18%