ettercap vs. arpspoof
hi there
im very interested in WLAN Security and therefore did a lot reading and testing with Arpoisoning and MITM, which in my opinion is a very nasty and dangerous attack.
So i did a testing scenario with a small device where arpwatch is running (with syslog-ng and some specific filter and logging mechanism).
then i did some rather extensive attacking with ettercap and arpspoof.
now my results where, althought i get some fault warnings, that ettercap gets detected neatly, arpspoof on the other hand doesnt.
so my question is while i understand the arp poisoning mechanism and what happens on the network, i don't understand why one tool gets detected and the other doesnt?
kirmet
|