> so i should start working on the sniffing tool first? (please correct me if > i m wrong) > can you provide some tutorial or so for it..
If you search for libpcap+tutorial on any search engine, you'll find tutorials dime a dozen. Use the one which you find appropriate for your expertise. Try the sniffing tool (tcpdump?) as a proof of concept if you wish to. If you are comfortable with scripting, it might not take you more than 30 minutes. Then again, if you are not going to use it, you might as well skip it and get your hands dirty with pcap. I am sure you might have thought of this already but when you filter HTTP (or FTP or any other protocol), you might want to treat inbound and outbound traffic separately. Sharad -- Mailing list guidelines and other related articles: http://lug-iitd.org/Footer
