Allan: On Thu, Apr 08, 2004 at 12:54:41PM -0400, Allan Liska wrote: > Date: Thu, 8 Apr 2004 12:54:41 -0400 (EDT) > From: Allan Liska <allan@private> > To: loganalysis@private > Subject: [logs] Session Tracking > > > Can anyone on the list recommend tools for recreating TCP sessions. > Rather than manually going through logs, or looking at individual > packets I want to rebuild the session and examine the full packet > flow (for example rebuilding an entire instant messaging > conversation, versus a single comment). Try tcpreplay: http://tcpreplay.sourceforge.net/ "tcpreplay is a BSD-style licensed tool to replay saved tcpdump files at arbitrary speeds. It provides a variety of features for replaying traffic for both passive sniffer devices as well as inline devices such as routers, firewalls, and the new class of inline IDS's." HTH.. - John -- 10 print "Home" 20 print "Sweet" 30 goto 10 _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Sat Apr 17 2004 - 22:22:16 PDT