RE: AIM
From: Mark Ng (hostmaster@qpp.co.uk)Date: 02/06/02
- Previous message: jswanson@toss-inc.com: "RE: PortSentry entries on RH 7.2 server"
- Maybe in reply to: d'Ambly, Jeff: "AIM"
- Next in thread: Todd Suiter: "RE: AIM"
- Next in thread: Pasty Hermit: "Re: AIM"
- Reply: Todd Suiter: "RE: AIM"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Mark Ng <hostmaster@qpp.co.uk> To: "'Keith T. Morgan'" <keith.morgan@terradon.com>, "d'Ambly, Jeff" <jdambly@monster.com> Date: Wed, 6 Feb 2002 17:01:54 -0000
Perhaps you could use tcpdump to log all AIM packets and then use ethereal
to reassemble the tcp streams ? I've reassembled irc conversations this way
pretty painlessly.
-----Original Message-----
From: Keith T. Morgan [mailto:keith.morgan@terradon.com]
Sent: 05 February 2002 20:05
To: d'Ambly, Jeff
Cc: security-basics@securityfocus.com
Subject: RE: AIM
I've done crudely using snort, some long arguments, selective ports, and
piping it through strings. It let you see what was going on, but it wasn't
pretty.
-----Original Message-----
From: d'Ambly, Jeff [mailto:jdambly@monster.com]
Sent: Monday, February 04, 2002 2:22 PM
To: 'security-basics@securityfocus.com'
Subject: AIM
My boss asked me the other day if we could log AOL instant messenger
conversations, I know of course this can be done with any sniffer but I was
wondering if there was a quick and easy way to do this. I was thinking
perhaps I could use snort, but how could I reassemble the conversations? I
would not like to spend all my time gathering and sorting all this info. Has
any one tried this before and if so how well did it work?
- Previous message: jswanson@toss-inc.com: "RE: PortSentry entries on RH 7.2 server"
- Maybe in reply to: d'Ambly, Jeff: "AIM"
- Next in thread: Todd Suiter: "RE: AIM"
- Next in thread: Pasty Hermit: "Re: AIM"
- Reply: Todd Suiter: "RE: AIM"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
