From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1OlFGn-0006RD-RC for garchives@archives.gentoo.org; Tue, 17 Aug 2010 06:03:34 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id DF7C1E09DD for ; Tue, 17 Aug 2010 06:03:32 +0000 (UTC) Received: from mail-gx0-f181.google.com (mail-gx0-f181.google.com [209.85.161.181]) by pigeon.gentoo.org (Postfix) with ESMTP id E8112E07EE for ; Tue, 17 Aug 2010 05:46:56 +0000 (UTC) Received: by gxk1 with SMTP id 1so542138gxk.40 for ; Mon, 16 Aug 2010 22:46:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=xhWZHLa7uxb6Isho0FI+UvkmZqumL2oQrZf4NUg1lCw=; b=qjhhfdrRMelKmhHJ95o3z8R0LbuBC850dniFl/oYIvmtZlvijzYcCI0ZwYP2B1oDyY rNSDDU4kI2rn+Oy7G/RNMLFN7FngASiXgUWuc7ZioxerQahhzB+GabHt/WBvhlKD2qh6 lCkisxv3vzG4EMQnhA7b9pMbYf8aCi/N4tcQ8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=rfeXn6Q37MSlAQlsTQzBU3GLR8kV7hXfJOqMlTNOjjP/MRP3w2tWzaiA9qrFOJ/siX FtoOGIBqGdq9nBDbZVBfRphSy3+q9QX/5ZCXpf3nKi99z/Iqn66TnZnGMkVbt/0sLKp9 S9b9Cli/aSp9dLCXB2etr2sZbaarWm2H7aSuo= Received: by 10.101.175.16 with SMTP id c16mr6866596anp.260.1282024015122; Mon, 16 Aug 2010 22:46:55 -0700 (PDT) Received: from [192.168.1.2] (adsl-95-148-78.jan.bellsouth.net [98.95.148.78]) by mx.google.com with ESMTPS id i25sm11639893anh.17.2010.08.16.22.46.53 (version=SSLv3 cipher=RC4-MD5); Mon, 16 Aug 2010 22:46:54 -0700 (PDT) Message-ID: <4C6A224C.2030100@gmail.com> Date: Tue, 17 Aug 2010 00:46:52 -0500 From: Dale User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.11) Gecko/20100801 Gentoo/2.0.6 SeaMonkey/2.0.6 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Yahoo and strange traffic. References: <4C684F59.3040903@gmail.com> <201008152329.44195.alan.mckinnon@gmail.com> <4C69C1E4.9090309@gmail.com> <4C69E3CD.5070108@gmail.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: 1d4b1a6a-53f1-4e40-a6be-2daf9b22eb39 X-Archives-Hash: a395caecde0d257057ee49cb2b2e6d7d Adam Carter wrote: > > > I just did a killall kopete and it did stop. Is there a way to > "see" what it is sending/receiving? I'm talking like is it a > jpeg, some other file or something else? > > > rix portage # nmap -p 5050 -sV cs210p2.msg.sp1.yahoo.com > > > << SNIP >> > > Well its obviously HTTP, NFI why NMAP cant see that. So you could > capture in wireshark, then docode port 5050 as HTTP. Is this easy to do? I have no idea where to start except that wireshark is installed. Dale :-) :-)