Perhaps you could use tcpdump to log all AIM packets and then use ethereal to reassemble the tcp streams ? I've reassembled irc conversations this way pretty painlessly.
-----Original Message----- From: Keith T. Morgan [mailto:[EMAIL PROTECTED]] Sent: 05 February 2002 20:05 To: d'Ambly, Jeff Cc: [EMAIL PROTECTED] Subject: RE: AIM I've done crudely using snort, some long arguments, selective ports, and piping it through strings. It let you see what was going on, but it wasn't pretty. -----Original Message----- From: d'Ambly, Jeff [mailto:[EMAIL PROTECTED]] Sent: Monday, February 04, 2002 2:22 PM To: '[EMAIL PROTECTED]' Subject: AIM My boss asked me the other day if we could log AOL instant messenger conversations, I know of course this can be done with any sniffer but I was wondering if there was a quick and easy way to do this. I was thinking perhaps I could use snort, but how could I reassemble the conversations? I would not like to spend all my time gathering and sorting all this info. Has any one tried this before and if so how well did it work?
