I have been experimenting with the dsniff suite on my own home network, and it's frighteningly easy to use.

arpspoof -t victim gateway
arpspoof -t gateway victim
works flawlessly, along with setting ip forwarding. As I understand it, the first command makes the victim think that I'm the gateway, effectively routing all outbound traffic through my system. The second does the reverse, giving me all inbound traffic. urlsnarf confirmed the success of the attack. That's good.

I tried running
arpspoof gateway
which should make all devices on the network think that I'm the gateway, thereby redirecting all outbound traffic through my system, but not inbound. Unfortunately, this didn't work, and I got nothing, even a while after starting arpspoof. Why is this?

Also, I tried running arpspoof from my laptop, which was connected to my network wirelessly, and arpspoof would always fail, citing something along the lines of an "unknown network" and flashed the code "0x321". Am I to understand that arpspoof will not work from a wireless host? (The target system and the gateway are both wired, and successfully misdirected from my desktop, as described above.)

Finally, macof looks interesting, and I think I may give it a try on my switch, but I don't fully understand the process. The switch gets overloaded with MAC addresses and copes the only way that it knows how, by becoming a hub. Now, how does the switch recover from this? Does just start collecting MACs again sometime after the storm has died down, or does it stay open? I don't want to damage any of my hardware, after all.

Thank you!