[Snort-users] Mail from tcpdump packet logs

caffeinex36 at ...131... caffeinex36 at ...131...
Wed Sep 10 10:50:06 EDT 2003


Dsniff can't read pcap dumps?? 

If not, use TCPreplay and mailsnarf, it will probably
save you some headaches. 

-Robert
--- Tommy Moore <tmoore at ...10052...> wrote:
> Hi guys.
> 
> Is there any way I can use Snort to grab the e-mail
> messages send and received out of a tcpdump packet
> log?
> I've used mailsnarf from the Dsniff package to do
> this live on the wire, but I'm looking for a way to
> do this from a binary tcpdump log.
> I saw in the Snort faq that there's a way to do
> this, but there weren't any instructions for doing
> this.
> 
> Thanks for any help you can provide.
> 
> Tommy
> 

> ATTACHMENT part 2 application/pgp-signature 



__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com




More information about the Snort-users mailing list