On Tue, 2005-06-07 at 22:05:33 -0700, craSH proclaimed... > tcpdump is pretty much just for inspecting the headers of packets, to > capture data and entire sessions, snort would be a good tool to use.
Wow, quit spreading bad information. tcpdump(8) is to capture packets, in full or part. Those captures can then be dissected with tools. The original poster may want to look at tcpshow or ngrep.
