I have a wireless network I am trying to sniff. I'm using a Linksys 802.11g on my laptop talking to a Belkin wireless router connected to a cable modem.
I have 4 machines in the house. Only one is directly connected to the router. Three others are all wireless. PC1 is mine and is running Ethereal. When I capture packets I am able to see all traffic on the network including TCP, MSNMS, UDP, etc.
PC2 is a wireless laptop being used to connect to a corporate VPN. This traffic appears as ESP or encapsulated security payload traffic, using IPSEC. Am I correct in assuming there is no way to decrypt this traffic? HTTP traffic appears normal.
My main question is this: While I see a keepalive using the MSNMS protocol to port 1863, I see no conversation traffic, maybe because it is not taking place during the times I have monitored. I assume this traffic should appear as normal also, or... and this is my question... is it too going through the VPN and being encrypted?
This might be a stupid question, but I am learning. My objective is to capture and log all IM messages from any machine on the network using my PC. I know there are programs I can load on the PCs to track all traffic, but I want to be able to do this from the network without loading any software on the machines. Any suggestions? Thanks in advance for your time and effort. Great product, great site.