Snort mailing list archives

Re: Mail from tcpdump packet logs

From: "caffeinex36 () yahoo com" <caffeinex36 () yahoo com>
Date: Wed, 10 Sep 2003 10:45:00 -0700 (PDT)

Dsniff can't read pcap dumps?? 

If not, use TCPreplay and mailsnarf, it will probably
save you some headaches. 

-Robert
--- Tommy Moore <tmoore () cmrc org> wrote:

Hi guys.

Is there any way I can use Snort to grab the e-mail
messages send and received out of a tcpdump packet
log?
I've used mailsnarf from the Dsniff package to do
this live on the wire, but I'm looking for a way to
do this from a binary tcpdump log.
I saw in the Snort faq that there's a way to do
this, but there weren't any instructions for doing
this.

Thanks for any help you can provide.

Tommy

ATTACHMENT part 2 application/pgp-signature




__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Mail from tcpdump packet logs Tommy Moore (Sep 10)
- Re: Mail from tcpdump packet logs caffeinex36 () yahoo com (Sep 10)