something like: "ngrep -qitd eth0 'privmsg'" will probably get you much better results.
HTH, Harry
ALD, Aditya, Aditya Lalit Deshmukh wrote:
How do u know that you are looking for the irc traffic ? Somewhere you must
have see connections going out to some host or some connection attempts. You
could always try sniffing using that ip address on all ports if you have set
up everthing else correctly...
How ever if something is not setup correctly then you would have trouble
shoot this. Maybe posting some more info will help us all diagnose this for
you and help u out - maybe offlist ?
-aditya
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of RandallM
Sent: Saturday, January 22, 2005 05:04 AM
To: [email protected]
Subject: [Full-Disclosure] Scan for IRC
I am so sorry for interrupting the list. I'm trying to pick up IRC
communications on the network. I've made some filters for Ethereal and
Observer but can't seem to pick it up. I'm doing something wrong. Used the
6668-6669 ports. Any help?
thank you Randall M
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
________________________________________________________________________ Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
