Honeypots mailing list archives

Re: Removing HTTP headers from tcpdump logs


From: Jarkko Turkulainen <jt () klake org>
Date: Wed, 7 May 2003 19:20:58 +0300 (EEST)


My question to the list: What tools/methods are used to manually remove the
HTTP headers that prevent the (easy/quick) recovery of files over HTTP?

Text editor! I use the vi editor to edit the TCP session file. Just "dd"
the headers and the empty line after them, and the file is ready for
recovery. tar might give a warning because of the extra carriage return
character at the end of the file, but it really works!


Best regards,

--
Jarkko Turkulainen <jt () klake org>
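
The same header stripping done programmatically, as an added example that is not part of the original post. It assumes the session file holds one reassembled server-to-client stream containing a single HTTP response; the function names and sample streams are illustrative. It goes beyond the manual method by honouring Content-Length (which drops stray trailing bytes) and by decoding chunked responses.

```python
import re

HEADER_END = re.compile(rb"\r?\n\r?\n")  # the empty line that ends the headers

def parse_headers(raw: bytes) -> dict:
    """Map lower-cased header names to values, skipping the status line."""
    headers = {}
    for line in re.split(rb"\r?\n", raw)[1:]:
        name, sep, value = line.partition(b":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def dechunk(data: bytes) -> bytes:
    """Undo Transfer-Encoding: chunked (hex size line, data, CRLF, repeat)."""
    out, pos = bytearray(), 0
    while True:
        eol = data.find(b"\r\n", pos)
        if eol < 0:
            raise ValueError("capture ends inside a chunk header")
        size = int(data[pos:eol].split(b";")[0].strip(), 16)
        if size == 0:
            return bytes(out)
        chunk = data[eol + 2:eol + 2 + size]
        if len(chunk) < size:
            raise ValueError("capture ends inside a chunk")
        out += chunk
        pos = eol + 2 + size + 2  # skip the CRLF that follows the chunk data

def extract_http_body(stream: bytes) -> bytes:
    """Return the entity body of the first HTTP response in the stream."""
    m = HEADER_END.search(stream)
    if m is None:
        raise ValueError("no blank line found: not an HTTP response?")
    headers, body = parse_headers(stream[:m.start()]), stream[m.end():]
    if b"chunked" in headers.get(b"transfer-encoding", b"").lower():
        return dechunk(body)
    if b"content-length" in headers:
        n = int(headers[b"content-length"])
        if len(body) < n:
            raise ValueError("capture is shorter than Content-Length")
        return body[:n]  # drops stray bytes (e.g. a trailing CR) after the body
    return body  # no length given: body runs until the connection closed

# Constructed sample streams (not from a real capture).
SAMPLE_PLAIN = (b"HTTP/1.0 200 OK\r\nContent-Type: application/x-tar\r\n"
                b"Content-Length: 11\r\n\r\nhello world\r\n")
SAMPLE_CHUNKED = (b"HTTP/1.1 200 OK\r\nTransfer-Encoding: chunked\r\n\r\n"
                  b"4\r\nWiki\r\n5\r\npedia\r\n0\r\n\r\n")
```

Read the session file and write the recovered file in binary mode so the body bytes are not altered.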






