Options

Blog - News

Blog - Link List

Security Links

MSCH Security Homepage

Microsoft Switzerland Security Home Page
MELANI

Melde- und Analysestelle Informationssicherung
Infosurance

Verein Infosurance Schweiz
MSCH Homepage

Microsoft Switzerland Homepage
MS Forefront Homepage

Microsoft Forefront Homepage
KOBIK

Koordinationsstelle zur Bekämpfung der Internetkriminalität
MS Malware Protection Center

Microsoft Malware Protection Center Portal
MSCH Swiss Citizenship Blog

Microsoft Switzerland Citizenship Blog
Security4Kids

Security4Kids Webportal

TechNet Resources

Security/Forensic Tool: AIM Sniff

Microsoft Swiss Security Team

20 Dec 2005 4:47 AM

Comments 0

AIM Sniff is a utility for monitoring and archiving AIM and MSN messages across a network. It can be used to monitor for cases of harassment or warez trading. It has the ability to do a live dump (actively sniff the network) or read a PCAP file and parse the file for IM messages. You also have the option of dumping the information to a MySQL database or STDOUT. AIM Sniff will also monitor for an IM login and then perform an SMB lookup on the originating computer in order to match NT Domain names with IM login names (handles). MSN sniffing support was added. The code was modularized for ease of contribution and protocol development.

http://freshmeat.net/projects/aimsniff

Urs