Extracting images from tcpdump files

Common programs

txpxtract
tcpflow
driftnet

More difficult then first assumed because parts of file may be out of order or duplicated
http://sandbox.dfrws.org/2007/cohen/

http://taosecurity.blogspot.com/2006/01/network-forensic-traffic.html

http://www.mysectools.com/MySecTools/The_Tools/Entries/2010/11/29_Forensics__Network_Forensics_Tools.html

Good summary
https://isc.sans.edu/diary.html?storyid=6961

Running networkminer in with wine
http://geek00l.blogspot.com/2008/12/drunken-monkey-running-network-miner.html