tcpdump/snort to capture chat sessions
Bill Moran
wmoran at collaborativefusion.com
Tue Jun 10 16:03:21 UTC 2008
In response to R J <rjohanne at wnk.hamline.edu>:
> I am trying to use tcpdump (or snort, but they are both behaving the same
> in this case) to capture all the lines or contents of an msn
> chat session, the actual conversation. I am getting partial output; i.e,
> I'll only get half of a sentence, and I don't see the rest of the lines.
> And ofcourse, alot of it seems to be hex or obfuscated html?
>
> What switches do I need to capture the entire lines of text?
Don't know about snort, but with tcpdump use -s0
--
Bill Moran
Collaborative Fusion Inc.
http://people.collaborativefusion.com/~wmoran/
wmoran at collaborativefusion.com
Phone: 412-422-3463x4023
More information about the freebsd-net
mailing list