2013/2/2 Sthu Deus <sthu.d...@gmail.com>: > Good time of the day, Meike. > > > Thank You, Meike, for Your time and answer. You wrote: > >> What u mean is a "Network Forensic Analysis Tool" (NFAT). >> You can capture with tcpdump or other similar tool (tshark, ...) in a >> file and analyze this file later. > > So, besides now and latter - tcpdump has no such a feature as to show > traffic content? - I do not say sorting / grep-ing /whatever it - that > can analysis do - I simply want to view the captured content - can > tcpdump show that?
The Question is, what you mean with "view the captured content". * So if there are e.g. images in the captured http or ftp, or ... stream and you like to see them, then NetworkMiner "http://www.netresec.com/?page=NetworkMiner"; is doing this job without any knowledge about the protocols .. * Content can also be crypted username/password ... e.g. in radius or https/ssl. Then is "Wireshark" your friend. Wireshark is able to decrypt this, if you have the private key or shared secret ... Content is all the payload on a network. But there are so many different kinds, there is no single tool to "display the content" So explain what you want to do exactly, but don't let us guess ;-) kindly regards Meike -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAFNHiA_uDjQ1erKwoXmqJi9qVer92+V6U=twedry0k8+d5o...@mail.gmail.com
