Subject: Re: Tracking Specific Ports
From: Eric Sherrill (sherrillTI.COM)
Date: Thu Aug 03 2000 - 16:07:11 CDT


Try (on the same LAN segment, natch) with a Linux box:

        tcpdump -s 1518 -w file host hostname port 8002

or, a Solaris box:

        snoop -o file hostname port 8002

(both these commands capture the packets to/from 'hostname' on port 8002 to
'file' for later analysis).

There are good Win32 equivalents out there as well, e.g. EtherPeek from AG
Group at http://www.aggroup.com (commercial; spiffy GUI), or WinDump at
http://netgroup-serv.polito.it/windump/ (BSDish free license; straight CLI
port of tcpdump).

--
Eric R. Sherrill, WF Software Systems Engineer
Texas Instruments HFAB1 Automation Systems
Stafford, TX 77477-3006
281-274-4133

-----Original Message-----
From: Focus on Microsoft Mailing List [mailto:FOCUS-MSSECURITYFOCUS.COM] On Behalf Of Brian Pollack
Sent: Wednesday, August 02, 2000 10:56 AM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Tracking Specific Ports

Hopefully there is an answer to this difficult issue without an all-out ethical discussion. We need to be able to record a few workstations' chat on Yahoo! Chat (port 8002).
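The `tcpdump -w file host hostname port 8002` command in Eric's reply writes a libpcap-format file for later analysis. The following is an added example, not code from either poster: a small offline reader for that file format which applies the same "host X and port N" selection to each Ethernet/IPv4/TCP record and summarises what it finds. It only understands the classic pcap format that tcpdump writes (not the snoop format produced by `snoop -o`), and the sample capture it analyses is constructed in memory with assumed addresses (workstation 10.0.0.5, chat server 192.0.2.10) so that it runs without a network interface or root privileges.

```python
"""Offline 'host X port N' filter over a classic libpcap (tcpdump -w) file."""
import socket
import struct

ETH_IPV4 = 0x0800
IPPROTO_TCP = 6


def _build_packet(src_ip, dst_ip, sport, dport, payload):
    """Constructed Ethernet/IPv4/TCP frame; checksums are left zero (not verified here)."""
    tcp = struct.pack('!HHIIBBHHH', sport, dport, 1, 1, 5 << 4, 0x18, 8192, 0, 0) + payload
    ip = struct.pack('!BBHHHBBH4s4s', 0x45, 0, 20 + len(tcp), 1, 0, 64, IPPROTO_TCP, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip)) + tcp
    eth = b'\x00\x11\x22\x33\x44\x55' + b'\x66\x77\x88\x99\xaa\xbb' + struct.pack('!H', ETH_IPV4)
    return eth + ip


def build_sample_pcap(frames, snaplen=1518):
    """Constructed pcap file (little-endian magic, linktype 1 = Ethernet) from raw frames."""
    out = struct.pack('<IHHiIII', 0xa1b2c3d4, 2, 4, 0, 0, snaplen, 1)
    for i, frame in enumerate(frames):
        cap = frame[:snaplen]                       # honour the snap length like tcpdump -s does
        out += struct.pack('<IIII', 965253600 + i, 0, len(cap), len(frame)) + cap  # assumed timestamps
    return out


def iter_pcap_records(data):
    """Yield (ts_sec, frame) for each record; handles both byte orders of the magic number."""
    if data[:4] == b'\xd4\xc3\xb2\xa1':
        endian = '<'
    elif data[:4] == b'\xa1\xb2\xc3\xd4':
        endian = '>'
    else:
        raise ValueError('not a classic pcap file')
    if struct.unpack(endian + 'I', data[20:24])[0] != 1:
        raise ValueError('this example only handles Ethernet captures')
    off = 24
    while off + 16 <= len(data):
        ts_sec, _usec, incl_len, _orig_len = struct.unpack(endian + 'IIII', data[off:off + 16])
        off += 16
        frame = data[off:off + incl_len]
        if len(frame) < incl_len:                   # file cut short mid-record: stop cleanly
            break
        off += incl_len
        yield ts_sec, frame


def parse_tcp(frame):
    """Return (src_ip, dst_ip, sport, dport, payload) or None for non-IPv4/TCP frames."""
    if len(frame) < 34 or struct.unpack('!H', frame[12:14])[0] != ETH_IPV4:
        return None
    ihl = (frame[14] & 0x0f) * 4
    if frame[23] != IPPROTO_TCP or len(frame) < 14 + ihl + 20:
        return None
    total_len = struct.unpack('!H', frame[16:18])[0]
    src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
    tcp = frame[14 + ihl:14 + total_len]
    sport, dport = struct.unpack('!HH', tcp[:4])
    doff = (tcp[12] >> 4) * 4
    return src, dst, sport, dport, tcp[doff:]


def filter_host_port(pcap_bytes, host_ip, port):
    """Offline equivalent of 'host X port N': records to or from host_ip on that TCP port."""
    hits = []
    for ts, frame in iter_pcap_records(pcap_bytes):
        parsed = parse_tcp(frame)
        if parsed is None:
            continue
        src, dst, sport, dport, payload = parsed
        if host_ip in (src, dst) and port in (sport, dport):
            hits.append({'ts': ts, 'src': f'{src}:{sport}', 'dst': f'{dst}:{dport}',
                         'bytes': len(payload)})
    return hits


# Constructed sample: workstation 10.0.0.5 talking to a chat server on 8002, plus unrelated traffic.
SAMPLE_PCAP = build_sample_pcap([
    _build_packet('10.0.0.5', '192.0.2.10', 40001, 8002, b'hello room'),
    _build_packet('192.0.2.10', '10.0.0.5', 8002, 40001, b'welcome'),
    _build_packet('10.0.0.5', '192.0.2.20', 40002, 80, b'GET / HTTP/1.0\r\n'),
    _build_packet('10.0.0.7', '192.0.2.10', 40003, 8002, b'other user'),
])

if __name__ == '__main__':
    for hit in filter_host_port(SAMPLE_PCAP, '10.0.0.5', 8002):
        print(hit)
```

To use it on a real file, replace `SAMPLE_PCAP` with the bytes read from the `-w` output. The filter deliberately mirrors the capture-time BPF expression so that a capture taken with a broader filter (or none) can still be narrowed to one host and port afterwards; note that the `-s 1518` snap length matters here, since a truncated record yields a short payload count.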