Network Security Pen-Test

RE: Converting tcpdump traffic to more user friendly output

Subject: RE: Converting tcpdump traffic to more user friendly output
Date: Sat, 10 Feb 2007 08:49:01 -0500
For that particular task, strings works pretty well.  It's not a 100%
match but if you have a tcpdump file with just the AOL traffic, you
should be able to run "strings capturefile.dump" and pretty much see
your conversation.  If the tcpdump file includes more data than just the
AOL info, you'd want to extract the AOL traffic, send it to standard I/O
(STDIO) and then run strings on that...something like:
tcpdump -r capturefile.dump -s 4000 -w - port 5190 | strings

The -r switch says to read a file.
Port 5190 might be your AOL port.  You may need a more complicated
filter here.
The -s 4000 switch says to grab the first 4000 bytes instead of just the
default of 56.  Some tcpdump versions will also allow -s 0 to display it
all but I prefer -s 4000 'cuz they all support that.
The -w switch tells tcpdump to write the output to....normally a file,
in this case, - means STDIO.  Then of course, strings processes your
"readable" info and that's what actually hits the screen.

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of techlists@comcast.net
Sent: Thursday, February 08, 2007 4:23 PM
To: pen-test@securityfocus.com
Subject: Converting tcpdump traffic to more user friendly output

Can anyone recommend some software that can take AOL instant messaging
traffic sniffed with tcpdump, and convert it into a more easily readable
format?

Thanks

Paul Greene

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------






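An added example, not part of the original thread: the same filter-then-strings idea in Python, reading a classic pcap, keeping TCP segments on one port and pulling printable runs from the TCP payload only (so header bytes never show up as noise). The sample capture, addresses, message text and function names are constructed for illustration.

```python
import re
import struct

def tcp_frame(sport, dport, payload):
    """Constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    eth = b"\x00" * 12 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0)
    return eth + ip + tcp + payload

def build_pcap(frames):
    """Constructed classic pcap: little-endian, link type 1 (Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

def tcp_payloads(pcap, port):
    """Yield payloads of untagged Ethernet/IPv4/TCP packets to or from `port`."""
    # KeyError here means the file is not a classic microsecond pcap.
    order = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}[struct.unpack_from("<I", pcap)[0]]
    off = 24                                    # skip the global header
    while off + 16 <= len(pcap):
        caplen = struct.unpack_from(order + "I", pcap, off + 8)[0]
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                            # not IPv4/TCP
        tcp = 14 + (frame[14] & 0x0F) * 4       # IP header length varies
        if len(frame) < tcp + 20:
            continue                            # truncated by a short snaplen
        sport, dport = struct.unpack_from("!HH", frame, tcp)
        if port in (sport, dport):
            ip_end = 14 + struct.unpack_from("!H", frame, 16)[0]
            yield frame[tcp + (frame[tcp + 12] >> 4) * 4:ip_end]

def extract_strings(pcap, port, min_len=4):
    """Printable-ASCII runs of at least min_len bytes, like strings(1)."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [m.decode("ascii") for p in tcp_payloads(pcap, port)
            for m in pattern.findall(p)]

SAMPLE = build_pcap([                           # constructed traffic
    tcp_frame(40000, 5190, b"\x02\x00\x01\x00" b"are we still on for lunch?\x00"),
    tcp_frame(40001, 80, b"GET /index.html HTTP/1.0\r\n\r\n"),
    tcp_frame(5190, 40000, b"\x02\x00\x02\x00" b"sure, noon works\x00\x00"),
])
print(extract_strings(SAMPLE, 5190))
```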