You'll need to run a packet capture tool such as Ethereal (www.ethereal.com) or even tcpdump. Save the output to a file. You can read it back later and select conversation. With ethereal, select Tools->Follow TCP Stream. As with any similar tool, there are separate capture and display filters. Best Regards, Jim B. ====== > -----Original Message----- > From: Allan Liska [mailto:allan@private] > Sent: Thursday, April 08, 2004 12:55 PM > To: loganalysis@private > Subject: [logs] Session Tracking > > > > Can anyone on the list recommend tools for recreating TCP sessions. > Rather than manually going through logs, or looking at > individual packets > I want to rebuild the session and examine the full packet flow (for > example rebuilding an entire instant messaging conversation, versus a > single comment). > > Commercial or opensource are fine, but it has to run on Linux > and should > be able to integrate with some of the more well-known sniffing tools. > > > Thanks! > > > allan > -- > Allan Liska > allan@private > http://www.allan.org > > _______________________________________________ > LogAnalysis mailing list > LogAnalysis@private > http://lists.shmoo.com/mailman/listinfo/loganalysis > Note: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. ThruPoint, Inc. _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Thu Apr 08 2004 - 12:09:30 PDT