[Full-Disclosure] Sniffing ICQ traffic
Jeremiah Cornelius
jeremiah at nur.net
Mon Nov 10 17:10:23 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Monday 10 November 2003 08:55, ttsoares at orion.ufrgs.br wrote:
<SNIP>
> By the way... do you know a good text or some examples about how do write
> filters to ethereal? The syntax, variables, etc...
The filters are constructed just like tcpdump filters. All of this is because
of the libpcap format.
It is pretty hard to beat the UNIX man page that comes with Etheral, if you
want a concise reference.
man ethereal-filter
Windows users can find this if they get the source package, or online:
http://www.ethereal.com/ethereal-filter.4.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/r8Z/Ji2cv3XsiSARAqEBAJ0VRiSe9dcjdfqGUt4JiE5jAh7mOACdGp5Y
cuR22Cuh3yTlDQE/daNoIuY=
=loVs
-----END PGP SIGNATURE-----
Full-Disclosure is hosted and sponsored by Secunia.