>Dennis Lee Bieber wrote: > > Somehow, I suspect that by the time you've processed the tcpdump data, > the intrusion will have already succeeded. > Perhaps, but i really want to know how to do it ;-) Regards