On Mon, 3 Feb 2003 at 12:12pm (+1000), Peter Kiem wrote: > I'm going to be changing the mailserver configuration next week but I need > to know all my user's POP3 passwords so I can do the conversion.
What sort of mail config are you going from/to that requires you to change the way your passwords are stored and/or handled? > > So far I have worked out I can run the following to get a dump of the POP3 > traffic to look for the PASS commands: > > tcpdump -n -x -s 1514 tcp port 110 and dst host my.ad.dr.es > > > Does anyone know any scripts/programs that I can feed the output of > tcpdump into so I can filter out and record the packets that contain the > PASS command? > A bit q&d but something like.... tcpdump -n -X -s 1514 tcp port 110 and dst host my.ad.dr.es | perl -p -e 's/^.*\t(.*)\n/$1/; s/^(\d\d:)/\n$1/' | grep -B 1 -E 'USER|PASS' ... or if an older tcpdump without a big X option.... tcpdump -n -X -s 1514 tcp port 110 and dst host my.ad.dr.es | perl -p -e 's/^.*\t(.*)\n/$1/ && s/\s+//g && s/([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg && s/([\000-\011\013-\037])/./g; s/^(\d\d:)/\n$1/' | grep -B 1 -E 'USER|PASS' I'm sure you could use perl to find the USER and PASS stuff directly... I just it as a more generic solution that I can do other things to... M. -- WebCentral Pty Ltd Australia's #1 Internet Web Hosting Company Level 5, 100 Wickham St. Network Operations - Systems Engineer PO Box 930, Fortitude Valley. phone: +61 7 3249 2552 Queensland, Australia 4006. pgp key id: 0x900E515F -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list