Echelon Posted April 6, 2011 Share Posted April 6, 2011 First I would like to say hey to everyone on my first post. Quick question that I hope someone can help clarify for me. I have used Ettercap and a single wireless NIC many times to demo a MITM attack for coworkers or fellow students. For some reason I keep going back and forth on the exact path of the packets in a configuration of one AP, and 2 wireless clients, one being the attacker. No rouge AP involved here, as I said the attack PC has one wireless NIC and is running Ettercap just as you would in a wired switched environment. Question; once you have successfully ARP poised the wireless client, and the AP, does the wireless client then communicate directly with the attacker, or do the packets still have to go through the AP? In my head, your hub and spoke pattern, the AP being the hub and the two clients being the spokes, now would look like you are the hub and the wireless client victim and the AP are the spokes. So, the way I see it, you need to have a good wireless connection not only with the AP when using this type of attack, but also with the client. Does this sound correct? I do this in a lab environment so this is never an issue, but I have this question come up every once in a while and would like to answer it correctly. No luck finding a diagram of this with wireless clients. Thanks for the help. Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.