Ever on the search for useful tools, especially those for pulling files from pcaps, fellow handler, Raul Siles, e-mailed me today to let me know about this cool plug-in.  I've just started playing with it, but it looks pretty cool.

Tool: http://www.taddong.com/tools/eo_smb.patch
Whitepaper: http://www.taddong.com/docs/WP_SMBPlugin.pdf

---------------
Jim Clausing, jclausing --at-- isc [dot] sans (dot) org
FOR 408 coming to central OH beginning 30 Sep, http://www.sans.org/mentor/details.php?nid=22353