On Tue, 19 Jul 2005 [EMAIL PROTECTED] wrote:
I saw that ports has ettercap and sniffit but I didn' get around to testing them to see if they will do the job I need. Can anyone recommend other tools that will do the work?
As mentioned, use the -s option in tcpdump. There's also a tool called tcpflow (http://www.circlemud.org/~jelson/software/tcpflow/) which can help you parse the payloads. from the man page: "[...] tcpflow reconstructs the actual data streams and stores each flow in a separate file for later analysis." -- inc
