i'd like to know the available options for a msn messenger sniffer under linux. preferable in perl.

i have tried several, but i'd prefer if it creates a log with a file for each local ip address or something. i appreciate your attention. Thanks!

Its not Perl, but Ethereal is a great sniffer, especially if you need to do any analysis on traffic or individual packets. I havn't tried it for MSN, but it works great on AIM, as it sniff every packet going over the wires. You can also set up filters based on protocols, which should help keep your logs nice and clean.

I agree with a5an0

ethereal (tetherreal) work fine with IMs - tried it on MSN was very "interesting" specially with the proper filter set. Only problem were files that are transmitted as MSN encrypts these and it gives you some weird stuff.
But otherwise you can lit. see the chat nicely formatted like in the orig client

what i mean, is a daemon working and create a log for each internal ip addres.

Maybe it's not done now, and i have to find some one who modify the script i already have.

Thanks!!

Well why don't you scripped one?

All you probably need would be a daemon that watches your network for packages using the msg protocol (can't remember the name)
Perhaps this could be written as a extension for iptables (similar to snort inline)
this again calls the sniffer
as soon as the connection is dropped (no more of these packages)
parse the sniffers log and create the different log files

Doesnt sound to hard - does it. My advice start at the back in parsing the (t)ethereal log file.

If you get something working or need help with the (t)ethereal let me know

PS I assume with internal IP you mean the local IPs in your LAN