Whenever performing a MitM attack through my tool of choice whether it be Ettercap text mode or arpspoof, the victim VM(BT5R1) loses internet connection. I have searched this topic thoroughly but am obviously missing something. The attack is being performed by BT5R1 Gnome 64bit on an identical VM(VMware) which is using a bridged connection that also replicates physical network state. This attack is being done via eth0 since I do not own an external USB wireless card.
The commands I used for ettercap are as follows
# ettercap -TQM ARP:REMOTE -i eth0 /10.0.0.1/ /10.0.0.2/
10.0.0.1 being the gateway obviously and .2 being the victim VM
I didn't enable IP forwarding for this due to ettercap's automation of this. Also tried with ip forwarding even though it's a bit redundant. In addition to ip forwarding, I've enabled IP tables in etter.conf as well as dropping the ec_uid/gid to 0(I don't know what this does). I've also read in another thread to un-comment ip chains, which I also tried but to no avail. I've tried installing a different version of ettercap but got the same problem. And of course when I tried this attack with arpspoof, i enabled ip forwarding with the echo "1" > /proc/sys/net/ipv4/ip_forward
Now I confirmed that the victim VM is in fact ARP poisoned via ARP tables and/or Wireshark. I just can't figure out why they lose connectivity
Any help would be appreciated. Sorry if I forgot to mention any other critical details that would help in assessing the problem.