hex dump help

[mad_fox9007]

how can u capture packets and turn them into a file? what kind of packet catcher or hex dump would i use?

[ss2chef]

While I would love to help you, your question lacks enough detail to respond in a properly pithy
manner.

This quideline may help you form better questions.

http://www.catb.org/~esr/faqs/smart-questions.html

[mad_fox9007]

"They know what your downloading by the requests to and from servers... if that isn't obvious enought... hex values of headers MZ, PE, (ect). This would indicate that you downloaded an executable even if its been renamed to executable.mp3

If they could get a good hex dump from within the logs then they could have this converted back useing debug or something and have the file right on their own hard-drive. Or look back on the things you've connected to and then check it out themselves." Thespecialist


what hex dump is that? and What kind or packet sniffer is that if it is one that they are using to make the logs?

[TheSpecialist]

A hex dump, its just something that stores values to be converted back into an executable, jpg, mp3, & (ect)... don't worry about it. Almost any worthwhile network analysis tool will present the hex representation of characters. This is why I said it would be possable to rake through log files, grab the values from specific traffic in relation to ftp, tftp, & other services, then feed this into something like debug.

Now stop makeing a big deal out of nothing and leave me the hell alone.

[mad_fox9007]

well then what would u say is the most "worthwhile network analysis tool?"

[SirDice]

Originally posted here by mad_fox9007
how can u capture packets and turn them into a file? what kind of packet catcher or hex dump would i use?

Code:

# tcpdump -w mypackets.bin

To read it do

Code:

# tcpdump -r mypackets.bin

If you want the hex

Code:

# tcpdump -x -r mypackets.bin