Re: AIM decoding

[JJ <jjhorner () SAFe-mail net>]

I was actually hoping someone had code that would pull the send/receive message alerts out of a MySQL database and 
print out the decoded chat session.  More specifically, I was hoping for perl.

At any rate, I will probably code something up that will pull the chat sessions, by date and IP, out of the MySQL 
server for use in waste, fraud and abuse (WFA) cases.

If anyone knows something that does this, please let me know.

JJ

---------------------
J. J. Horner
CISSP,CCNA,CHSS,CHP

-------- Original Message --------
From: Erek Adams <erek () snort org>
To: "JJ" <jjhorner () SAFe-mail net>
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] AIM decoding
Date: Wed, 17 Sep 2003 10:00:24 -0400 (EDT)

> On Wed, 17 Sep 2003, JJ wrote:
>
> > I'm working decoding all of the AIM messages my snort box captures.
> >
> > I can pull out the text using some pretty low-tech means, but I'd like
> > to know if someone else has written an AIM decoder which will decode the
> > data from CHAT AIM send message and CHAT AIM receive message alerts and
> > be able to tell who said what, to whom, and when.
> >
> > Has anyone gotten code like this working yet?
>
> Yep.  A few years ago.
>
> > I hope I don't have to start sniffing through the Net::AIM module. . .
>
> http://monkey.org/~dugsong/dsniff/
>
> -----
> Erek Adams
>
>    "When things get weird, the weird turn pro."   H.S. Thompson



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users