Home page logo

basics logo Security Basics mailing list archives

Re: learning sniffer skills
From: Alexander Klimov <alserkli () inbox ru>
Date: Fri, 10 Dec 2004 12:50:02 +0200 (IST)

On Thu, 9 Dec 2004, Carlos Mario Mora (c4y0) wrote:
Im starting to learn use a sniffer, but now im stopped with the method
to read the sniffer output.

Im trying read with tcpdump or snort the mail messages downloaded by
pop3.  But can see the message content.    How can "assembly" the
message readed with the sniffer?

It is quite possible to make sense of content using -X in tcpdump:
  -X     Print each packet (minus its link level header) in hex and  ASCII.
         This  is very handy for analysing new protocols.
also note
  -s     Snarf snaplen bytes of data from each packet rather than the
         default of 68...

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]