Ettercap is killing the network connectivity of the entire subnet

[AdonisPro]

Hi,

While using Ettercap, i have come across a peculiar observation that whenever i am starting ettercap it is killing network connectivity of the entire subnet.

Environment:

Host/Base machine: Windows 10 Attacker Machine(Hosted on VMWARE)- Kali Linux (TRied with various distro- 18.1, 18.2 19.1, 2020.2, 2021.3) Target Machine- Windows 10 VM.

Command executed:

ettercap -Tq -M arp:remote -i wlan0 ///

Once this command is executed it kills the internet connection of the entire subnet.

I have searched and have gone through as much solutions from the internet but nothing helped. Have enabled ip_forward also in the Kali linux:

echo 1 >/proc/sys/net/ipv4/ip_forward

This too didn't help.

I'd earnestly request help from this elite community so that i can start using the tool seamlessly. Please help.

Regards

[calilkhalil]

Bro,

Can you share the result when you run "cat /proc/sys/net/ipv4/ip_forward" ? Please share with a photo.

[koeppea]

First of all: IP(v4) routing via the Linux Kernel via echo 1 >/proc/sys/net/ipv4/ip_forward is wrong and must be deactivated, because Ettercap must do the packet forwarding!!!

There is one scenario where Ettercap MITM between the local LAN and the Internet doesn't work (except of passive sniffing): When the host where ettercap is running, is itself the Layer3 Gateway (router) for the victim network and by design responsible to forward the packets.

But since you're running Ettercap on a VM, I don't think this is the case here.

What makes me really curious is the fact, that you provide the interface wlan0 to Ettercap. On a VM!!! Since when, does a VM have a wireless adapter???

Maybe you have strange network settings in your hypervisor software (WMWare). You have to connect the VMs with the host network adapter as a bridge.

The fact that you provided wlan0 as the network interface makes me also wonder, if your host machine might be connected via wireless to your LAN. How is your host connected?