Re: OT: Win32 app to read/interpret tcpdump file [7:1568]

Mon, 23 Apr 2001 08:36:32 -0700 

I can read them back in, but what I wanted to be able to do was view the
ASCII information being passed back and forth (username login, and all user
commands/server responses like CWD & RETR).  I couldn't find an easy way to
do this with tcpdump (the raw dump to a file with -w isn't something that
cat could just display, or even wordpad after I transferred it over).
Ethereal was able to open the file just fine and give me the low-level
decodes I needed and I found the account (anonymous) and directory
(/_vty_pvt) and file (rzr-ress.).  I get a permission denied when I try to
retrieve it.

If I remove the ACL block for even a second a ton of remote ftp clients will
try to connect and start transferring the file again.  I've emailed the
clueless admin so he can find the file.  I'm guessing it's some huge
mpeg/avi movie file or possibly some other warez.

You know, I wonder just how useful a warm body that can't follow directions
is sometimes.  *shrug*  Dumpster idea is good, but customers would complain
about their websites being down, and eventually someone would find it.
Although, we wouldn't notice the difference in work load, except maybe not
so much cleanup work ;-)

--
Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
List email: [EMAIL PROTECTED]
Homepage: http://jason.artoo.net/



""ElephantChild""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> On Mon, 23 Apr 2001, Jason J. Roysdon wrote:
>
> > the evidence without knowing it.  Anyone have a Win32 app that can read
> > tcpdump raw capture files?
>
> I take it that tcpdump -r won't do?
>
> > refuses to put behind the pix saying he has it secure.  Hehee, guess
where
> > that box will be by the end of tomorrow?).
>
> In a dumpster, pinning its former maintainer face down in stinky, slimy
> garbage? :-)
>
> --
> "Someone approached me and asked me to teach a javascript course. I was
> about to decline, saying that my complete ignorance of the subject made
> me unsuitable, then I thought again, that maybe it doesn't, as driving
> people away from it is a desirable outcome." --Me
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1603&t=1568
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to