> > IIRC, Driftnet. > And there is also the similar tools from dsniff which may be interesting > in these contexts, and also ofcourse ngrep for those more inclined on > looking at raw traffic.
just took a look at these: ngrep is a pure transport layer filter dsniff is a pure sniffing tool without ability to save http contents driftnet is pretty cool. it does just what i want, but supports only soo few file formats. what did you mean by IIRC? i know it only as a irc client. as i said driftnet is almost what i want. but why does the logging software have to have knowledge about the file format? arent binaries transportet over http just mime encoded and thats it? cant it just decode it back to binaries and save the mime type as part of the filename? i know that e.g. ethereal is capable of restoring the binary data stream out of a tcp connection. isnt there a similar tool that can restore files transportet over http and save them along with their mime type? or is there something for ftp transfers? thx
