| To: | "João Henrique Ferreira de Freitas" <joaohf@gmail.com> |
|---|---|
| Subject: | Re: dissect TCP/IP flow |
| From: | "Jamie Riden" <jamie.riden@gmail.com> |
| Date: | Sat, 21 Jul 2007 17:21:56 +0100 |
| Cc: | pen-test@securityfocus.com |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Dkim-signature: | a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=XK+1vpKfr8wmx2krv27X2NPzlEC+0W1fdVsYCvmO31Yc37pSafNj5GQns/yEppESKCIODHfcCgpUHasU/fTGYh2M1UeFj5nBwGQy//zCi1e6l2d7CGvVxL7EstpaqwjkdpVp1kmJPhM5gTZzTe0UNvlWyir7lJUHct1ebpLIdhI= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=pWf4xokyJyh9Ckp+Y8QHZm2hm7KmDvDaGJAPencxZ9Ij1nVVwdL750qzNB5uK1Qs1Ie5YHrDlQ9cEEp+zZRi6vRMElyduUJK904uKty6lHvN3/fmyZAlU4dVhJWkz98gTNbndlLjTTbUKnDadJo1pQ42iTRjZq/olru4ondSels= |
| In-reply-to: | <1184964634.29441.1.camel@jhf-notebook> |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| References: | <1184964634.29441.1.camel@jhf-notebook> |
| Resent-date: | Sat, 21 Jul 2007 11:56:49 -0600 (MDT) |
| Resent-from: | pen-test-return-1078484658@securityfocus.com |
| Resent-message-id: | <20070721175649.9B8A5143E9F@outgoing2.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
On 20/07/07, João Henrique Ferreira de Freitas <joaohf@gmail.com> wrote: Hello, Anybody have a good how to, tutorial or papers about dissect a TCP/IP flow? The background is: I have a client/server application and need decode/dissect the communication. The goal is make a tool to interact with the server application, send commands and request operations. tcpflow is useful to start off with. It will unpack live capture or tcpdump files into flows. http://www.circlemud.org/~jelson/software/tcpflow/ (apt-get install tcpflow for ubuntu/debian users) Or 'follow TCP stream' option under Wireshark can be helpful too. cheers, Jamie -- Jamie Riden / jamesr@europe.com / jamie@honeynet.org.uk UK Honeynet Project: http://www.ukhoneynet.org/ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Hping2, packet crafting question..., Jamie Riden |
|---|---|
| Next by Date: | Re: recover deleted emails from a pst, p1g |
| Previous by Thread: | RE: dissect TCP/IP flow, Serge Vondandamo |
| Next by Thread: | Re: dissect TCP/IP flow, rajat swarup |
| Indexes: | [Date] [Thread] [Top] [All Lists] |