14 Nov
2007
9:21 p.m.
Any hint on how to use tcpdump to only grab the interesting parts?
tcpdump port 143
or whatever.
My knowledge of tcpdump is very limited and I only seem to be able to get a lot of noise out of it.
Look at ngrep - it lets you use both tcpdump expressions, *and* further filter by regular expression. And, it shows ASCII output instead of all the hex crap - makes it a lot easier to follow ASCII-based protocols.
Either way, you'll want to disable SSL on the client, so that you can see the traffic properly. :-)