Re: dumping specific ip packet

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Snort can do what you want.

www.snort.org.

Bruno.

----- Original Message -----
From: "Benjamin Stocker" <bstocker@media-plus.ch>
To: <security-discuss@linuxsecurity.com>
Sent: Monday, April 08, 2002 2:55 PM
Subject: dumping specific ip packet


>
>
> Hy,
>
> On a webserver I maintain, there is a process trying to connect to another
> external address from time to time. The process must be started by a
> customer's web script but I cannot find it. The communication looks like
this:
>
> 194.125.250.21:xxxx --> 192.168.10.94:80
>
> My firewall is already blocking it but I would like to see teh content t
> find out who/which script is initiating this communication. Is there a
> tool to filter this packets and dump it's content to a file? I tried
> ettercap but could not get the job done with it.
>
> Many thanks for your help
> Mel
>
>
>
> ------------------------------------------------------------------------
>      To unsubscribe email security-discuss-request@linuxsecurity.com
>          with "unsubscribe" in the subject of the message.
>

------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux