RE: learning sniffer skills
From: Beauford, Jason (jbeauford_at_EightInOnePet.com)
Date: 12/09/04
- Previous message: Jon Lawhead: "Re: learning sniffer skills"
- Maybe in reply to: Carlos Mario Mora (c4y0): "learning sniffer skills"
- Next in thread: Matias Rollan: "Re: learning sniffer skills"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 9 Dec 2004 17:12:03 -0500
To: <cmora@gigax.org>, <security-basics@securityfocus.com>
Let me recommend a book to you: Network Intrusion Detection (Third
Edition) by Stephen Northcutt and Judy Novak. It's awesome. Later
chapters provide detailed insight into processing TCPDUMP and WINDUMP
parameters. A definite must when you talk about sniffing networks.
Here's a link to some Google Print online version of the book. Better
to purchase.
http://print.google.com/print?id=xWVSnrlakL4C&lpg=3&prev=http://print.google.com/print%3Fq%3DNetwork%2BIntrusion%2BDetection&pg=0_1&sig=gpF5JaqVWvvxbnmBPTFUBGNbwGg
But to answer your question, download Ethereal and open the TCPDUMP
file; from there you can right-click and choose FOLLOW TCP STREAM. This
should give you the results you're looking for.
Kind Regards,
JMB
-----Original Message-----
From: Carlos Mario Mora (c4y0) [mailto:c4y0@yahoo.com.mx]
Sent: Thursday, December 09, 2004 1:01 PM
To: security-basics@securityfocus.com
Subject: learning sniffer skills
Hi!
I'm starting to learn to use a sniffer, but now I'm stopped with the method
to read the sniffer output.
I'm trying to read with tcpdump or snort the mail messages downloaded by
pop3. But can see the message content. How can I "assemble" the
message read with the sniffer?
Thanks in advance.
-- Carlos Mario Mora (c4y0) <c4y0@yahoo.com.mx> GiGaX
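What "Follow TCP Stream" does with a saved tcpdump file, sketched as an added example that is not part of the original thread: segments are grouped per direction, ordered by TCP sequence number, and exact retransmissions are dropped before the payloads are joined. It assumes a classic little-endian pcap with Ethernet/IPv4 frames and no sequence wraparound; the function names and the sample capture (documentation addresses, zeroed checksums) are constructed for illustration.

```python
import socket
import struct
from collections import defaultdict

def tcp_streams(pcap: bytes) -> dict:
    """Rebuild each TCP direction's byte stream from a classic pcap (Ethernet + IPv4)."""
    if struct.unpack_from("<I", pcap, 0)[0] != 0xA1B2C3D4:
        raise ValueError("expected a little-endian classic pcap file")
    segs = defaultdict(dict)               # flow -> {sequence number: payload}
    off = 24                               # skip the pcap global header
    while off + 16 <= len(pcap):
        caplen = struct.unpack_from("<I", pcap, off + 8)[0]
        frame = pcap[off + 16: off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                       # not IPv4/TCP
        tcp = 14 + (frame[14] & 0x0F) * 4  # Ethernet header + IP header length
        if len(frame) < tcp + 20:
            continue                       # truncated TCP header
        ip_len = struct.unpack_from("!H", frame, 16)[0]
        sport, dport, seq = struct.unpack_from("!HHI", frame, tcp)
        payload = frame[tcp + (frame[tcp + 12] >> 4) * 4: 14 + ip_len]
        if payload:
            flow = (socket.inet_ntoa(frame[26:30]), sport,
                    socket.inet_ntoa(frame[30:34]), dport)
            segs[flow].setdefault(seq, payload)   # exact retransmissions are dropped
    # Sorting by sequence number undoes reordering (assumes no 32-bit wraparound).
    return {f: b"".join(s[k] for k in sorted(s)) for f, s in segs.items()}

def _frame(src, dst, sport, dport, seq, data):  # sample-only builder, checksums zero
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 0x50, 0x18, 8192, 0, 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0, src, dst)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap() -> bytes:
    """Constructed capture: a POP3 reply in three segments, reordered, one sent twice."""
    srv, cli = socket.inet_aton("192.0.2.10"), socket.inet_aton("192.0.2.20")
    parts = [b"+OK message follows\r\nFrom: a@example.org\r\n",
             b"Subject: test\r\n\r\n", b"hello\r\n.\r\n"]
    seq, f = 1000, []
    for p in parts:
        f.append(_frame(srv, cli, 110, 40000, seq, p))
        seq += len(p)
    frames = [_frame(cli, srv, 40000, 110, 5000, b"RETR 1\r\n"), f[1], f[0], f[1], f[2]]
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + b"".join(struct.pack("<IIII", 0, 0, len(x), len(x)) + x for x in frames)

if __name__ == "__main__":
    for flow, data in tcp_streams(sample_pcap()).items():
        print(flow, data.decode("ascii", "replace"), sep="\n")
```

Overlapping segments that are not exact retransmissions are not merged here, so a stream with partial overlaps would need the fuller handling a real analyzer provides.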