Re: learning sniffer skills

From: Alexander Klimov (alserkli_at_inbox.ru)
Date: 12/10/04

  • Next message: Alexandre Skyrme: "RE: Basic Security for RedHat" 
    Date: Fri, 10 Dec 2004 12:50:02 +0200 (IST)
To: cmora@gigax.org

    On Thu, 9 Dec 2004, Carlos Mario Mora (c4y0) wrote:
    > Im starting to learn use a sniffer, but now im stopped with the method
    > to read the sniffer output.
    >
    > Im trying read with tcpdump or snort the mail messages downloaded by
    > pop3. But can see the message content. How can "assembly" the
    > message readed with the sniffer?

    It is quite possible to make sense of content using -X in tcpdump:
      -X Print each packet (minus its link level header) in hex and ASCII.
             This is very handy for analysing new protocols.
    also note
      -s Snarf snaplen bytes of data from each packet rather than the
             default of 68... 

    -- 
Regards,
ASK
  • Next message: Alexandre Skyrme: "RE: Basic Security for RedHat"

    Relevant Pages

    • RE: learning sniffer skills
      ... Let me recommend a book to you: Network Intrusion Detection (Third ... chapters provide detailed insight into processing TCPDUMP and WINDUMP ... download Ethereal and open the TCPDUMP ... Im starting to learn use a sniffer, but now im stopped with the method ...
      (Security-Basics)
    • Re: Linux link monitoring tool
      ... do not need a sniffer. ... I need a program that will run as a daemon and monitor the health if ... > You can use tcpdump also, ... > The post originated from Linux Forum: ...
      (comp.os.linux.networking)
    • Re: allow user not root to tcpdump
      ... I need to allowed a user not root to make tcpdump in a server with ... When I try to use the sniffer I receive the error ...
      (comp.sys.sun.admin)
    • Re: learning sniffer skills
      ... I think you have to play a little bit with the tcpdump options. ... Have a look at the manpage for tcpdump. ... Florian ... > to read the sniffer output. ...
      (Security-Basics)
    • Re: [SLE] Looking for info on setting up a packet sniffer
      ... >> Firebox sitting on RoadRunner's residential cable network. ... >> also open to suggestions on what other packet sniffing utilities might ... The Watchguard support guys asked me to put the sniffer ...
      (SuSE)