From: Jamie Riden (jamie.riden@gmail.com)
Date: Sat Jul 21 2007 - 12:21:56 EDT
On 20/07/07, João Henrique Ferreira de Freitas <joaohf@gmail.com> wrote:
> Hello,
>
> Does anybody have a good how-to, tutorial or papers about dissecting a
> TCP/IP flow?
>
> The background is: I have a client/server application and need to
> decode/dissect the communication. The goal is to make a tool to interact
> with the server application, send commands and request operations.

tcpflow is useful to start off with. It will unpack live capture or
tcpdump files into flows.
http://www.circlemud.org/~jelson/software/tcpflow/
(apt-get install tcpflow for ubuntu/debian users)

Or the 'follow TCP stream' option under Wireshark can be helpful too.

cheers,
Jamie
--
Jamie Riden / jamesr@europe.com / jamie@honeynet.org.uk
UK Honeynet Project: http://www.ukhoneynet.org/
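What "unpacking a capture into flows" means in practice, as an added example that is not part of the original post and is not tcpflow's own code: a small reassembler that splits a capture into one byte stream per direction. The capture and its LOGIN/STATUS/OK strings are constructed; the code assumes a little-endian classic pcap with Ethernet/IPv4 framing and ignores sequence wraparound, gaps and overlapping segments.

```python
import struct
from collections import defaultdict

def build_sample_pcap():
    """Constructed capture: two out-of-order client segments and one server reply."""
    def pkt(src, dst, sport, dport, seq, data):
        tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x18, 8192, 0, 0)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(data), 0, 0, 64, 6, 0,
                         bytes(src), bytes(dst))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + tcp + data
        return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    c, s = (10, 0, 0, 1), (10, 0, 0, 2)
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    return (hdr + pkt(c, s, 40000, 9000, 1006, b"STATUS\n")  # sent second, captured first
            + pkt(c, s, 40000, 9000, 1000, b"LOGIN\n")
            + pkt(s, c, 9000, 40000, 5000, b"OK\n"))

def reassemble(pcap):
    """Return {(src, sport, dst, dport): payload bytes}, one entry per direction."""
    if struct.unpack("<I", pcap[:4])[0] != 0xA1B2C3D4:
        raise ValueError("only little-endian classic pcap is handled here")
    segs, off = defaultdict(dict), 24          # skip the 24-byte global header
    while off + 16 <= len(pcap):
        incl = struct.unpack("<I", pcap[off + 8:off + 12])[0]
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                           # not Ethernet/IPv4/TCP
        ihl = (frame[14] & 0x0F) * 4
        total = struct.unpack("!H", frame[16:18])[0]
        tcp = frame[14:14 + total][ihl:]       # IP total length trims Ethernet padding
        if len(tcp) < 20:
            continue
        sport, dport, seq = struct.unpack("!HHI", tcp[:8])
        data = tcp[(tcp[12] >> 4) * 4:]        # data offset skips TCP options
        if data:
            src, dst = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
            segs[(src, sport, dst, dport)].setdefault(seq, data)  # first copy wins
    # Order each direction by sequence number, so capture order does not matter.
    return {k: b"".join(v[s] for s in sorted(v)) for k, v in segs.items()}

if __name__ == "__main__":
    for flow, payload in reassemble(build_sample_pcap()).items():
        print(flow, payload)
```

Reading the two directions side by side is the starting point for working out the request and response framing of an undocumented protocol.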
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:57 EDT