[Full-Disclosure] Sniffing ICQ traffic
ttsoares at orion.ufrgs.br
ttsoares at orion.ufrgs.br
Mon Nov 10 16:55:17 GMT 2003
Quoting Jeremiah Cornelius <jeremiah at nur.net>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Monday 10 November 2003 05:40, Marcos Machado wrote:
> > Does anybody know about any tool to sniff ICQ traffic?
> >
> > I've been searching for a week without success. I am currently using the
> > msgsnarf from dsniff package (2.3), but it works only with a limited
> > version (2k) and the protocol has changed. Nowadays, it's quite useless.
>
> Ethereal:
> http://www.ethereal.com/
>
> Win32 Complete Installer:
> http://download.openxtra.com/epa/3_1_0/Network/Ethereal_XTRA.exe
>
> "Because anything less, would be uncivilized."
>
> Protocol reassembly - "ICQ"
> Tools - "Follow TCP Stream"
By the way... do you know a good text or some examples about how do write
filters to ethereal? The syntax, variables, etc...
Thks.
-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/
Full-Disclosure is hosted and sponsored by Secunia.