Reconstruct meaningful data from tcpdumps?

Thomas fwd at
Sat Jul 10 11:16:54 UTC 2010

On Fri, Jul 09, 2010 at 11:17:55PM -0600, Modulok wrote:


> Is there a way to reconstruct network traffic from a tcpdump file? Or
> something similar? As in: analyze the dump file and attempt to
> re-construct files transfered though http, ftp, known messenger
> protocols, instant message conversations, http requests, web pages,
> and so forth?
> There's a bunch of tools on Windows that say they do this to some
> extent or another, but they require a client-side installation, cost a
> lot of money, or are crawling with malicious code. I can read tcpdump
> files, (to an extent) but viewing a hex dump of a jpeg is futile.


Most probably there is a port of it.


More information about the freebsd-questions mailing list