Re: dissect TCP/IP flow

[Chris Eagle <cseagle () redshift com>]

wireshark is okay if you want to extract one stream at a time from many.

For multiple streams, you might try Chaosreader:
http://chaosreader.sourceforge.net/ or tcpflow:
http://www.circlemud.org/~jelson/software/tcpflow/

Each can split out all of the streams in a set of packets. Unfortunately
they do not seem to be actively maintained.

Chris


silky wrote:
> well what you want is a packet anaylser.
>
> try wireshark: http://www.wireshark.org/
>
>
>
>
> On 7/21/07, João Henrique Ferreira de Freitas <joaohf () gmail com> wrote:
> > Hello,
> >
> > Anybody have a good how to, tutorial or papers about dissect a TCP/IP
> > flow?
> >
> > The background is: I have a client/server application and need
> > decode/dissect the communication. The goal is make a tool to interact
> > with
> > the server application, send commands and request operations.
> >
> > How I make this? Its possible?
> >
> > Thanks.
> >
> > -- 
> > -------------------------------------------------------------
> > João Henrique Freitas - joaohf_at_gmail.com
> > Americana-SP-Brasil
> > BSD051283
> > LPI 1
> > http://paginas.terra.com.br/informatica/joaohf
> > http://www.livejournal.com/users/joaohf/
> >
> >
> > ------------------------------------------------------------------------
> > This List Sponsored by: Cenzic
> >
> > Swap Out your SPI or Watchfire app sec solution for
> > Cenzic's robust, accurate risk assessment and management
> > solution FREE - limited Time Offer
> >
> > http://www.cenzic.com/c/wf-spi
> > ------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------