Re: TCP/UDP Data Streams - Packet Reassembly

[Richard Sharpe <rsharpe () richardsharpe com>]

On Fri, 20 Dec 2002, Guy Harris wrote:

> On Fri, Dec 20, 2002 at 07:39:09AM -0500, Paul Van Gurp wrote:
> > Just a question...why not get Ethereal...it is freeware, works great,
> > and keeps track of all sessions for you.  It is easy to use and does a
> > really nice job.  I don't know about exporting the data though.
>
> I do.

So do I.
 
> It *won't* export the word attachment.  At best, it can reassemble the
> data streams on both sides of a TCP conversation and let you save one
> side, the other side, or both sides to a file; extracting attachments
> from mail, or extracting the file from an HTTP GET transaction, is left
> as an exercise for the user.

I agree with Guy. 

I reckon I know how to do it, and I reckon Guy knows how 
to do it as well, but we both have day jobs, and we work on Ethereal and 
other things outside of our day jobs!

Regards
-----
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, 
sharpe[at]ethereal.com, http://www.richardsharpe.com

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe