tcpdump/snort to capture chat sessions

R J rjohanne at
Tue Jun 10 15:52:07 UTC 2008

I am trying to use tcpdump (or snort, but they are both behaving the same
in this case) to capture all the lines or contents of an MSN
chat session, the actual conversation.  I am getting partial output; i.e.,
I'll only get half of a sentence, and I don't see the rest of the lines.
And of course, a lot of it seems to be hex or obfuscated HTML?

What switches do I need to capture the entire lines of text?

I am using these options with snort:

snort -i hme1 -v -K None -X

That's sending output to stdout, which is fine with me.

Thanks for any pointers/suggestions/recommendations.


More information about the freebsd-net mailing list