I've got a small experience regarding arp spoofing. I managed to make it work with tools such as arpspoof, ettercap following the various tutorials of the site since backtrack 3. Recently I failed to arp spoof some routers with BT5 and I don't understand why. I can verify that the victim is arp spoofed by checking its arp table. And I can see some of the traffic going through the midm machine. But somehow it kills the internet connection of the victim. I think the problem is there (not sure though)
Website <****** OK **** midm <**** OK **** victim
Website ****** OK ****> midm **** FAILED ****> victim
I've noticed the problem specifically on a router/box provided by my ISP which I can't manage to arp spoof. And the exact same process, same machine, on different router works perfectly. So my question is, are there some router with an anti arp spoof protection ? and if yes, is it possible to circumvent it ? Is there a different arp tool I can test ?
Thanks a lot for your help