On Thu, 13 Sep 2001, Junginger, Jeremy wrote: > I need to write a filter rule for ethereal that tracks all access to > a specific URL (not ip address). Is this possible, and if so, how? > Thanks! i use some combination of "urlsnarf" (part of the dsniff package), ngrep, tcpdump+tcpshow, or snort. actually, i think you'd be best served by snort. tell it to log the URL in text, and then the triggering packet along with say the next few packets in tcpdump format. ethereal is not the right tool for this job... CK -- Chris Kuethe, GCIA: Secure Systems Specialist - U of A CNS office: 157 General Services Bldg. 780.492.8135 chris.kuethe@[pyxis.cns.]ualberta.ca Opinions expressed herein are solely the responsibility of the author. And the author wouldn't have it any other way. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sun Sep 16 2001 - 23:17:46 PDT