From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1OlGCj-0003O6-Bx for garchives@archives.gentoo.org; Tue, 17 Aug 2010 07:03:25 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7105AE0A8A for ; Tue, 17 Aug 2010 07:03:24 +0000 (UTC) Received: from mail-ww0-f53.google.com (mail-ww0-f53.google.com [74.125.82.53]) by pigeon.gentoo.org (Postfix) with ESMTP id E3AC6E09E0 for ; Tue, 17 Aug 2010 06:09:19 +0000 (UTC) Received: by wwd20 with SMTP id 20so2057989wwd.10 for ; Mon, 16 Aug 2010 23:09:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=Fm7d2GjLePWMcwN1Y2wGops1O3Yglsd+miLPgoRoqBs=; b=UnL87pj9XqMKrcFgR3R+PkCDNhJYAHrWbhcvHsIVuZAczDLSaOwSzgRS0Wr5sf6aBP G1yEJeiflCRrcze75W9s1lLOOGL5zMZdvIDf0HuEXRLVtLoTAtosXZlBwgWwn8T6xFgG DORUy2MghUGL6lWFD2eeGxdh1fT+uDBcK7a6k= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=Y5nv4DsRa+qCYu0Quit2r8aFeQpC9tSlOfurLLbwu9tGACrGAKN1cqRo3P8h1aokie jx/qICJKcTkvsasvU3wXpvjBSh7iElECjdTLMXqxM17XgiZhdCI9Gv0UHqC8lpqOjSvg LPxrsp4GdVjaLvXOAu5+l+lszBesr/3RdN/Kg= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.216.47.196 with SMTP id t46mr374903web.13.1282025359276; Mon, 16 Aug 2010 23:09:19 -0700 (PDT) Received: by 10.216.1.199 with HTTP; Mon, 16 Aug 2010 23:09:19 -0700 (PDT) In-Reply-To: <4C6A224C.2030100@gmail.com> References: <4C684F59.3040903@gmail.com> <201008152329.44195.alan.mckinnon@gmail.com> <4C69C1E4.9090309@gmail.com> <4C69E3CD.5070108@gmail.com> <4C6A224C.2030100@gmail.com> Date: Tue, 17 Aug 2010 16:09:19 +1000 Message-ID: Subject: Re: [gentoo-user] Yahoo and strange traffic. From: Adam Carter To: gentoo-user@lists.gentoo.org Content-Type: multipart/alternative; boundary=001485f6c78821fd04048dfeca2d X-Archives-Salt: fd48ca5b-48fa-41fa-b706-f4ba9055f74e X-Archives-Hash: 8ee2ef19c361107d23179bc60a4df2dd --001485f6c78821fd04048dfeca2d Content-Type: text/plain; charset=ISO-8859-1 > Is this easy to do? I have no idea where to start except that wireshark is > installed. > > Yep, start the capture with Capture -> Interfaces and click on the start button next to the correct interface, then right click on one of the packets that is to the yahoo box and choose Decode As set the port and protocol then apply. You'll need to understand the semantics of HTTP for it to be of much use tho. --001485f6c78821fd04048dfeca2d Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Is this easy to do? =A0I have no idea where to start except t= hat wireshark is installed.

=A0
Yep, start the capture with Capture -&= gt; Interfaces and click on the start button next to the correct interface,= then right click on one of the packets that is to the yahoo box and choose= Decode As set the port and protocol then apply. You'll need to underst= and the semantics of HTTP for it to be of much use tho.
--001485f6c78821fd04048dfeca2d--