Full Disclosure mailing list archives

Re: Sniffing ICQ traffic

From: Jeremiah Cornelius <jeremiah () nur net>
Date: Mon, 10 Nov 2003 09:10:23 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 10 November 2003 08:55, ttsoares () orion ufrgs br wrote:

<SNIP>

By the way... do you know a good text or some examples about how do write
filters to ethereal?  The syntax, variables, etc...


The filters are constructed just like tcpdump filters.  All of this is because 
of the libpcap format.

It is pretty hard to beat the UNIX man page that comes with Etheral, if you 
want a concise reference.

    man ethereal-filter

Windows users can find this if they get the source package, or online:

    http://www.ethereal.com/ethereal-filter.4.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/r8Z/Ji2cv3XsiSARAqEBAJ0VRiSe9dcjdfqGUt4JiE5jAh7mOACdGp5Y
cuR22Cuh3yTlDQE/daNoIuY=
=loVs
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: Sniffing ICQ traffic Randal, Phil (Nov 10)
- <Possible follow-ups>
- Sniffing ICQ traffic Marcos Machado (Nov 10)
  - Re: Sniffing ICQ traffic Jeremiah Cornelius (Nov 10)
    - Re: Sniffing ICQ traffic ttsoares (Nov 10)
    - Re: Sniffing ICQ traffic Jeremiah Cornelius (Nov 10)
    - Re: Sniffing ICQ traffic sith (Nov 10)
    - Re: Sniffing ICQ traffic Darren Bennett (Nov 10)
  - Re: Sniffing ICQ traffic Luiz Gustavo (Nov 12)
    - Re: Sniffing ICQ traffic Marcos Machado (Nov 13)
- Re: Sniffing ICQ traffic Ivan Coric (Nov 10)
- RE: Sniffing ICQ traffic Sergey V. Gordeychik (Nov 11)