Security Basics mailing list archives
RE: learning sniffer skills
From: "Beauford, Jason" <jbeauford () EightInOnePet com>
Date: Thu, 9 Dec 2004 17:12:03 -0500
Let me recommend a book to you: Network Intrusion Detection (Third Edition) by Stephen Northcutt and Judy Novak. Its awesome. Later chapters provide detailed insight into processing TCPDUMP and WINDUMP parameters. A definite must when you talk about sniffing networks. Here's a link to some Google Print online version of the book.. Better to purchase. http://print.google.com/print?id=xWVSnrlakL4C&lpg=3&prev=http://print.go ogle.com/print%3Fq%3DNetwork%2BIntrusion%2BDetection&pg=0_1&sig=gpF5JaqV WvvxbnmBPTFUBGNbwGg But to answer your question, download Ethereal and open the TCPDUMP file, from there you can right click and choose FOLLOW TCP STREAM. This should give you the results you're looking for. Kind Regards, JMB -----Original Message----- From: Carlos Mario Mora (c4y0) [mailto:c4y0 () yahoo com mx] Sent: Thursday, December 09, 2004 1:01 PM To: security-basics () securityfocus com Subject: learning sniffer skills hi! Im starting to learn use a sniffer, but now im stopped with the method to read the sniffer output. Im trying read with tcpdump or snort the mail messages downloaded by pop3. But can see the message content. How can "assembly" the message readed with the sniffer? Thanks in advance. -- Carlos Mario Mora (c4y0) <c4y0 () yahoo com mx> GiGaX
Current thread:
- learning sniffer skills Carlos Mario Mora (c4y0) (Dec 09)
- Re: learning sniffer skills Jon Lawhead (Dec 10)
- Re: learning sniffer skills Matias Rollan (Dec 10)
- Re: learning sniffer skills Florian Streck (Dec 10)
- Re: learning sniffer skills Alexander Klimov (Dec 10)
- <Possible follow-ups>
- RE: learning sniffer skills Beauford, Jason (Dec 10)
- RE: learning sniffer skills Matt Arntsen (Dec 10)
- Re: learning sniffer skills Alvin Oga (Dec 13)