Date: Fri, 9 Jul 2010 23:17:55 -0600
From: Modulok <modulok@gmail.com>
To: "questions@freebsd.org" <questions@freebsd.org>
Subject: Reconstruct meaningful data from tcpdumps?
Message-ID: <AANLkTilJ5yaHT6Q-oW2JUEHmjkTkY19rCXC3uJPZiCGO@mail.gmail.com>
Is there a way to reconstruct network traffic from a tcpdump file? Or something similar? As in: analyze the dump file and attempt to re-construct files transferred through http, ftp, known messenger protocols, instant message conversations, http requests, web pages, and so forth? There's a bunch of tools on Windows that say they do this to some extent or another, but they require a client-side installation, cost a lot of money, or are crawling with malicious code. I can read tcpdump files (to an extent), but viewing a hex dump of a jpeg is futile. If that makes any sense. Thanks guys!