One of the simplest sniffers is ngrep http://www.packetfactory.net/projects/ngrep/
regards, alok sinha ----- Original Message ----- From: "Dhruv Soi" <[EMAIL PROTECTED]> To: "'The Linux-Delhi mailing list'" <[EMAIL PROTECTED]> Sent: Friday, November 07, 2003 2:03 AM Subject: RE: [ilugd] Jabber Chat Logging > Thanx Alok: > Could suggest me about that Sniffer Please. > > Regards > Dhruv > > -----Original Message----- > From: Alok Sinha [mailto:[EMAIL PROTECTED] > Sent: Thursday, November 06, 2003 3:27 PM > To: The Linux-Delhi mailing list > Subject: Re: [ilugd] Jabber Chat Logging > > > There is no simple way to do this. For conf logging, there is a patch > available, which will do this. (check www.jabber.org). > > For user to user logging at the server level, it is difficult. I have used a > simple network sniffer working on that port and piped it to a file. > > regards, > alok sinha > > Dhruv Soi wrote: > > > Hi All: > > I have installed Jabber Chat server on RHL Box with SQL database for huge > > database of users. Can anybody suggest me how to trap and save the chat > > messages passing through Jabber server. > > Else has anybody ever tried traping and saving chat messages of users > using > > yahoo/msn running through Linux Gateway running IPTABLES firewall. > > Reply would be appreciated and Thanx in Advance. > > > > :) > > Regards > > Dhruv > > > > -----Original Message----- > > From: Sandip Bhattacharya [mailto:[EMAIL PROTECTED] > > Sent: Monday, November 03, 2003 7:31 PM > > To: [EMAIL PROTECTED] > > Cc: [EMAIL PROTECTED] > > Subject: [ilugd] Re: Apache/2.0.40 problem > > > > Yashpal Nagar wrote: > > > > > > > > access_log contains:- > > > ### > > > . > > > . > > > 68.56.176.39 - - [03/Nov/2003:14:36:15 +051800] "GET > > > /scripts/root.exe?/c+dir HTTP/1.0" 404 1041 "-" "-" > > > 68.56.176.39 - - [03/Nov/2003:14:36:15 +051800] "GET > > > /MSADC/root.exe?/c+dir HTTP/1.0" 404 1041 "-" "-" > > > 68.56.176.39 - - [03/Nov/2003:14:36:16 +051800] "GET > > > /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 1041 "-" "-" > > [...] > > > > > > I think my server is being tried for hacking ? What to do now. > > > Should i forward such request to M$ which we did at one pt of time.:) > > > > > > > Just some infected machine scanning you. Yes .. go ahead and send M$ the > > traffic if you want. ;) > > > > Or you could complain to the admin of the the network .. but I have > > hardly ever seen that work. > > > > - Sandip > > > > -- > > Sandip Bhattacharya http://www.sandipb.net > > sandip at puroga.com > > Puroga Technologies Pvt. Ltd. > > http://www.puroga.com > > > > _______________________________________________ > > ilugd mailing list > > [EMAIL PROTECTED] > > http://frodo.hserus.net/mailman/listinfo/ilugd > > _______________________________________________ > > ilugd mailing list > > [EMAIL PROTECTED] > > http://frodo.hserus.net/mailman/listinfo/ilugd > > > _______________________________________________ > ilugd mailing list > [EMAIL PROTECTED] > http://frodo.hserus.net/mailman/listinfo/ilugd > _______________________________________________ > ilugd mailing list > [EMAIL PROTECTED] > http://frodo.hserus.net/mailman/listinfo/ilugd > _______________________________________________ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
