Dsniff/mailsnarf

To: debian-security@lists.debian.org
Subject: Dsniff/mailsnarf
From: tps@unslept.com
Date: Tue, 24 Feb 2004 18:11:20 -0500
Message-id: <[🔎] 20040224231120.GA29684@unslept.com>

I've been asked to place a sniffer on a network that handles HIPPA data,
and watch for e-mail containing certain strings. I figured that mailsnarf
would be the best way to do this.

Right.

In testing, if I run:

mailsnarf -i eth2 . "tcp" 

I get all email.

If I run

mailsnarf -i eth2 ".*STD.*" "tcp", I get nuttin, even though I send
email containing that string. Any pointers from anyone?

Tim

-- 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>> Tim Sailer (at home)             ><  Coastal Internet, Inc.          <<
>> Network and Systems Operations   ><  PO Box 726                      <<
>> http://www.buoy.com              ><  Moriches, NY 11955              <<
>> tps@unslept.com/tps@buoy.com     ><  (631)399-2910  (888) 924-3728   <<
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

Reply to:

Follow-Ups:
- Re: Dsniff/mailsnarf
  - From: john@keimel.com (John Keimel)

Prev by Date: Re: chkrootkit - possible bad news`
Next by Date: Re: Dsniff/mailsnarf
Previous by thread: Re: chkrootkit - possible bad news`
Next by thread: Re: Dsniff/mailsnarf
Index(es):
- Date
- Thread