Listening to network traffic


Nandy
04-22-2007, 06:27 PM
What software from BT1 can I run on my laptop that can listen to all the traffic in my local network so I can find out what information is being sent from the desktop, to what server and such? If the software is in BT2 then I can try it also, but I am more familiar with how to set up my wireless card in BT1.

If you like reading, here is the reason behind it.

I have security software running on the desktop that emails me every time a condition is met.

I have 2 ADSL lines with the same provider; one is a corporate (commercial quality) line and the other is a residential line.

The system works fine on the corporate line while it doesn't on the residential line.

My employer doesn't encourage using their corporate line for personal use.

For residential lines my ISP blocks any communication on the SMTP port that is not to their servers. Which is understandable, but they do not provide an option for those who for some reason need to send email using another server.

I think that security software sends the email to its own SMTP server.

I can purchase some software that will redirect that specific email traffic to a redirect server, but I need to know the name of the server of the security software. Their tech support (what a joke) can't provide that information because they do not know. Actually, they don't seem to know much.

Thanks

Chameleon-Digitz
05-12-2007, 05:04 AM
The program in BT1 is called Ethereal. By the release time of BT2 the software was renamed to Wireshark. Also, I'm not sure if you know what collision and broadcast domains are, but if you want to sniff your Ethernet traffic, some of the easiest ways to do it are to do one of the following:

1. Use a computer w/ two NICs to route traffic and sniff (placed between the gateway and the computer to be sniffed).
2. ARP poison the gateway and the computer to be sniffed (Google "arp poisoning", irongeek.com, or securityfocus.com).
3. Use a "real hub" (i.e. Netgear DS-104) and plug in both the sniffing & sniffed computers to it. Then, sniff.

TCPDUMP or WINDUMP can also monitor traffic w/ -v (verbosity) and filters configured for destination port 25 (dst port 25). Read the manual. Windump is created for Windows and is great for discreetness and quick deployments. I have used TCPDUMP on a Sidewinder firewall for troubleshooting purposes.

fenec
01-04-2008, 03:09 AM
Hi,
I wanted to know if it is possible to use ettercap to sniff the wireless traffic without using a real hub?
I tried in my local network and it doesn't work.
Thanks

MaXe Legend
01-04-2008, 03:32 AM
I would use Wifizoo for sniffing up wireless traffic in a wifi-network.
Even though I haven't tried it on a network yet, I'm sure it will work
at the places I know where it's accepted to do such things. (irl)

Well, but I'm sure Wireshark should be able to do it too if you set
the sniffing adapter to be your wifi adapter and not eth0. Keep
in mind I would try ARP poisoning... (if that even works on wifi, never
tried it yet, sorry, I don't do much wifi-hacking...)

wyze
01-04-2008, 04:35 AM
You could look into building a passive tap, which you can use to passively sniff traffic with Wireshark with 2 Ethernet cards running bonded and enslaved in half-duplex.

Do a search for sniffdet on this forum.

DayZiro
01-05-2008, 06:15 AM
I'd say Wireshark would be good for that. Connect both your desktop and backtrack PC to a hub (not a router) and start sniffing on the backtrack PC then get the desktop to send an email to the security software. Look over the Wireshark capture file and find what you need to know.
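
Added example, not part of the original thread: once a capture has been saved as the replies above describe, the first post's question (which SMTP server the desktop contacts) can be answered by listing TCP connection attempts to port 25. It assumes a classic pcap file (the format `tcpdump -w` writes) with untagged Ethernet/IPv4 frames; the function names and sample addresses are constructed for illustration.

```python
import socket
import struct
from collections import Counter

def smtp_destinations(pcap: bytes, port: int = 25) -> Counter:
    """Count TCP SYNs to `port` per (source IP, destination IP) in a classic pcap."""
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":
        endian = "<"  # file written on a little-endian host
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    seen, off = Counter(), 24  # records start after the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated, or not untagged IPv4
        ihl = (frame[14] & 0x0F) * 4  # IPv4 header length in bytes
        if frame[23] != 6 or len(frame) < 14 + ihl + 14:
            continue  # not TCP, or TCP header cut off
        tcp = frame[14 + ihl:]
        dport, flags = struct.unpack("!H", tcp[2:4])[0], tcp[13]
        if dport == port and flags & 0x12 == 0x02:  # SYN without ACK = new connection
            seen[(socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]))] += 1
    return seen

def constructed_capture() -> bytes:
    """Constructed sample: one SYN to port 25 and one to port 80 (documentation IPs)."""
    def record(dst_ip, dport):
        eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00"
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                         socket.inet_aton("192.168.1.10"), socket.inet_aton(dst_ip))
        tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, 0x02, 8192, 0, 0)
        pkt = eth + ip + tcp
        return struct.pack("<IIII", 0, 0, len(pkt), len(pkt)) + pkt
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + record("203.0.113.25", 25) + record("198.51.100.80", 80)

if __name__ == "__main__":
    for (src, dst), n in smtp_destinations(constructed_capture()).items():
        print(f"{src} -> {dst}:25  ({n} SYN)")
```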

fenec
01-06-2008, 04:42 AM
Can we do this test (ARP poisoning) on a wireless network?

MaXe Legend
01-06-2008, 06:10 AM
If you have permission from the owner, yes. :)