you might not be able to do this with Ethereal but you can definately do this with snort and just output it to a tcpdump file. Then use Ethereal to view the tcpdump. If you already have a dump file, you can process it through snort and it will filter the output that you are looking for. JD -----Original Message----- From: Dave Aitel [mailto:daitelat_private] Sent: Thursday, September 13, 2001 6:52 PM To: Junginger, Jeremy Cc: 'pen-testat_private' Subject: Re: Ethereal Help Ethereal doesn't support that, as far as I can tell, but you CAN do http.request in the bottom filter window and it will only display http requests, which you can sort via scrolling about. :> -dave "Junginger, Jeremy" wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I need to write a filter rule for ethereal that tracks all access to > a specific URL (not ip address). Is this possible, and if so, how? > Thanks! > > Jeremiah > > -----BEGIN PGP SIGNATURE----- > Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> > > iQA/AwUBO6DS/alk83sSWEI4EQIL2ACdFCyvB+acPMu6WJEkWbBFghwA6PsAoPes > TFRFzaKSlwyeaktFqXTnc0q0 > =j1IH > -----END PGP SIGNATURE----- > > ------------------------------------------------------------------------ > Name: PGPexch.rtf.asc > PGPexch.rtf.asc Type: unspecified type (application/octet-stream) > Encoding: base64 > > ------------------------------------------------------------------------ > ---------------------------------------------------------------------------- > This list is provided by the SecurityFocus Security Intelligence Alert (SIA) > Service. For more information on SecurityFocus' SIA service which > automatically alerts you to the latest security vulnerabilities please see: > https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ This transmission may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sun Sep 16 2001 - 23:00:38 PDT