Ethereal-users: [Ethereal-users] Hunting down a virus

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Chris Zakelj <cazakelj@xxxxxxxxxxxxxxxxxxxx>
Date: Thu, 03 Apr 2003 12:30:15 -0500

Hello.  I'm (obviously) new to ethereal, but after having dug through
the archives and doing a bit of googling, I haven't found an answer yet,
so here's some pertinent info...

A client of my employer is having significant trouble with backdoor
trojans finding their way onto one specific machine.  After clearing off
about 7 different varieties on 3 different occasions, I can only suspect
a human is to blame, but to be sure, I need to monitor the traffic going
in/out of that machine (which is exactly what ethereal is built for).
However, to accomplish this, I will need to leave a laptop (specs to
follow) onsite, likely over a period of one or two weeks.

Laptop/software specs:
I586-166, 128MB RAM, 3G drive set as 256M swap, 1700M /, 1000M /var
RedHat 8.0 running ethereal 0.9.9 (I tried updating, but there isn't an
updated ethereal-gnome package).

Given the relatively limited amount of space for /var, and that I would
like to see what's going on while I'm in the office and during the
weekends (when I suspect these infections to be taking place), I would
like to tell ethereal to send me an email containing the capture file
every time that file reaches about 4M or so.  Can this be done, and if
so, could someone point me to the resource or do some 'hand holding'?
Thanks!!
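A rotate-and-mail capture loop of the kind asked about above, written here as an added example; it is not part of the original message or of the ethereal project. It assumes tethereal (the command-line companion of ethereal) with its `-a filesize:NUM` autostop condition (NUM in kilobytes) and `-f` capture filter, plus `uuencode` and `mail` on the laptop; the interface, monitored host address, recipient and capture directory are placeholders to be replaced.

```shell
#!/bin/sh
# Added example (not from the original post): capture traffic to/from one host,
# let tethereal stop each file at a size threshold, then compress and mail it.
# tethereal, uuencode and mail are assumed to be installed; flags as documented.

IFACE="${IFACE:-eth0}"                              # placeholder: sniffing interface
HOST_FILTER="${HOST_FILTER:-host 192.0.2.10}"       # placeholder: the troubled machine
MAX_KB=4000                                         # rotate at roughly 4 MB
RECIPIENT="${RECIPIENT:-analyst@example.invalid}"   # placeholder: where to mail captures
CAP_DIR="${CAP_DIR:-/var/captures}"                 # placeholder: small /var, keep it tidy

# Returns 0 when the file at $1 is at or above the threshold $2 (kilobytes).
# Lets the loop double-check that tethereal really stopped for size, not an error.
reached_threshold() {
    size_kb=$(( $(wc -c < "$1") / 1024 ))
    [ "$size_kb" -ge "$2" ]
}

# Name of the n-th capture of a run; zero-padded so listings sort chronologically.
capture_name() {
    printf '%s/cap-%s-%04d.pcap' "$1" "$2" "$3"
}

# Compress and mail one finished capture, then delete it to free space in /var.
ship_capture() {
    gzip -f "$1" || return 1
    uuencode "$1.gz" "$(basename "$1.gz")" \
        | mail -s "capture $(basename "$1")" "$RECIPIENT" && rm -f "$1.gz"
}

# Capture until killed: tethereal exits on its own once the file hits MAX_KB.
capture_loop() {
    run_id=$(date +%Y%m%d%H%M%S)
    n=1
    while :; do
        f=$(capture_name "$CAP_DIR" "$run_id" "$n")
        tethereal -q -i "$IFACE" -f "$HOST_FILTER" -a "filesize:$MAX_KB" -w "$f" || return 1
        if reached_threshold "$f" "$MAX_KB"; then
            ship_capture "$f" || echo "mail failed for $f, left on disk" >&2
        else
            echo "tethereal stopped early on $f, not shipping" >&2
        fi
        n=$((n + 1))
    done
}

if [ "${1:-}" = "run" ]; then capture_loop; fi
```

Invoked with the single argument `run` the script captures until it is stopped; without it only the functions are defined, which is convenient for testing the helpers.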