Im just deparing at a mysterious problem with dns_spoof at a specific LAN.
I happens that i can do MITM with success in both ways( gateway - station). After this, i would think that dns_spoofing an unprotected station would be 100% success, but strangely no....
I checked wireshark traffic and everything appears as it should:
-station request dns;
-ettercap intercept and reply to station with wrong IP;
-ettercap forwards station request to gateway...(useless request);
So my question is: After mitm be success, there can be any reason that make dns spoofing not possible?
Edit: btw, at home it works fine and behaves exactly as above
Last edited by aeronavi; 11-05-2010 at 09:42 AM.