Admin Question...

Bob George plug-discuss@lists.plug.phoenix.az.us
Thu, 05 Dec 2002 20:26:29 -0700


Jon Monts wrote:
 > Is there a utility that will allow a person with the correct rights to spy on
 > a telnet session and/or send the output of a telnet session to another
 > TCP/IP port?

If you're interested in capturing unencrypted TCP streams specifically,
I can recommend tcpflow. It's much like tcpdump, except it captures TCP
streams rather than raw packets. This results in each stream (session)
being recorded in its own separate file, making for easy review later.
One option allows capturing of only ASCII characters. It uses
the same syntax as tcpdump for specifying hosts and ports, etc.

I use this in my Cisco lab to capture user keystrokes sent to configure
the routers. Invariably, someone sets a password that locks everyone
else out, and this lets me quickly figure out what they used.

The biggest downside is that tcpflow doesn't let you specify filenames
for output. It's also very different than a keystroke logger, but well
suited to network capture tasks like this.

Definitely worth a check: http://www.circlemud.org/~jelson/software/tcpflow/

- Bob
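
Added example (not part of the original message, and not tcpflow's own code): since tcpflow picks the output file names itself, reviewing a lab capture means mapping those names back to sessions. This sketch assumes the classic default naming of zero-padded source IP and port, a dash, then destination IP and port; the sample listing is constructed, and names in any other form are skipped.

```python
import re
from collections import defaultdict

# Assumed classic tcpflow flow-file name, one file per direction, e.g.
# 192.168.001.010.01025-192.168.001.001.00023 (src ip.port - dst ip.port)
FLOW_NAME = re.compile(
    r"^(\d{3}(?:\.\d{3}){3})\.(\d{5})-(\d{3}(?:\.\d{3}){3})\.(\d{5})$"
)

def _ip(padded):
    """Turn '192.168.001.010' into '192.168.1.10'."""
    return ".".join(str(int(octet)) for octet in padded.split("."))

def parse_flow_name(name):
    """Return ((src_ip, src_port), (dst_ip, dst_port)), or None if not a flow file."""
    m = FLOW_NAME.match(name)
    if m is None:
        return None
    return (_ip(m.group(1)), int(m.group(2))), (_ip(m.group(3)), int(m.group(4)))

def index_sessions(names, server_port=23):
    """Pair the two one-way flow files of each session to server_port (23 = telnet)."""
    sessions = defaultdict(dict)
    for name in names:
        parsed = parse_flow_name(name)
        if parsed is None:
            continue  # not a flow file (or a naming variant this sketch ignores)
        src, dst = parsed
        if dst[1] == server_port:
            sessions[(src, dst)]["client_to_server"] = name
        elif src[1] == server_port:
            sessions[(dst, src)]["server_to_client"] = name
    return dict(sessions)

# Constructed sample directory listing (lab addresses are made up)
SAMPLE = [
    "192.168.001.010.01025-192.168.001.001.00023",
    "192.168.001.001.00023-192.168.001.010.01025",
    "192.168.001.011.01030-192.168.001.002.00023",
    "192.168.001.010.01026-192.168.001.001.00080",  # not telnet, ignored
    "notes.txt",                                     # not a flow file, ignored
]

if __name__ == "__main__":
    for (client, server), files in sorted(index_sessions(SAMPLE).items()):
        print(f"{client[0]}:{client[1]} -> {server[0]}:{server[1]}")
        for direction in ("client_to_server", "server_to_client"):
            print(f"  {direction}: {files.get(direction, '(no file)')}")
```

In practice the list of names would come from `os.listdir()` on the directory where tcpflow wrote its output.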