Date: Tue, 10 Jun 2008 12:02:22 -0400 From: Bill Moran <wmoran@collaborativefusion.com> To: R J <rjohanne@wnk.hamline.edu> Cc: freebsd-net@freebsd.org Subject: Re: tcpdump/snort to capture chat sessions Message-ID: <20080610120222.9e2760fe.wmoran@collaborativefusion.com> In-Reply-To: <Pine.LNX.4.64.0806100940230.24255@wnk.hamline.edu> References: <Pine.LNX.4.64.0806100940230.24255@wnk.hamline.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
In response to R J <rjohanne@wnk.hamline.edu>: > I am trying to use tcpdump (or snort, but they are both behaving the same > in this case) to capture all the lines or contents of an msn > chat session, the actual conversation. I am getting partial output; i.e, > I'll only get half of a sentence, and I don't see the rest of the lines. > And ofcourse, alot of it seems to be hex or obfuscated html? > > What switches do I need to capture the entire lines of text? Don't know about snort, but with tcpdump use -s0 -- Bill Moran Collaborative Fusion Inc. http://people.collaborativefusion.com/~wmoran/ wmoran@collaborativefusion.com Phone: 412-422-3463x4023
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080610120222.9e2760fe.wmoran>