analyzing tcpdump traffic

09-20-2004, 02:03 AM

If I had a tcpdump of port 80/443 traffic, what would be some good tools
to extract as much information as possible from it? For example, I
definitely want a list of URLs, but preferrably as much reconstructed
information as possible. I don't believe urlsnarf can take a tcpdump
file as input.

Thanks for any suggestions.

AA

09-20-2004, 03:22 AM

"AA" <(E-Mail Removed)> wrote in message
news:KTq3d.31405$aW5.10976@fed1read07

> If I had a tcpdump of port 80/443 traffic, what would be some good
> tools to extract as much information as possible from it?

For sure, ethereal -- http://www.ethereal.com/

tony

--
use hotmail for email replies

09-20-2004, 03:29 AM

ynotssor wrote:
> "AA" <(E-Mail Removed)> wrote in message
> news:KTq3d.31405$aW5.10976@fed1read07
>
>
>>If I had a tcpdump of port 80/443 traffic, what would be some good
>>tools to extract as much information as possible from it?
>
>
> For sure, ethereal -- http://www.ethereal.com/
>
>
> tony
>
Yes, ethereal is great, but I was hoping for something automated to
parse large tcpdump files and reconstruct sessions, urls, etc.

AA

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Should traffic control root qdisc & child class limit traffic?	Washington Ratso	Linux Networking	1	02-25-2011 06:48 PM
measuring/analyzing datastreams question....	Peterken	Network Routers	0	03-16-2005 11:45 PM
help, analyzing traffic, am I being attacked or what?	Tobias Skytte	Linux Networking	1	10-30-2004 11:15 PM
IPsec tunneling problem: tcpdump and iptables see unencrypted traffic	Jurjen Oskam	Linux Networking	0	05-23-2004 02:39 PM
IPsec tunneling problem: tcpdump and iptables see unencrypted traffic	Jurjen Oskam	Linux Networking	0	05-23-2004 01:03 PM