I'm testing a friends (true story with true intentions... just in case I get flack over this) network his company network.
I am using arpwatch to detect arpspoofing but will be trying other tools out.
He wants to see if anyone is playing tricks on his LAN so I've been doing some reading and am using arpspoof to simulate an attacker. The arpspoof concept is familiar to me and I understand haow it works and what it does but one thing which I can't seem to do is to forward packets on my Linux Box and I'm wondering if I doing it correctly.
I would like to know if "echo 1 > /proc/sys/net/ipv4/ip_forward" is all I need to do to enable ip forwarding or do I need to issue another command along with this?
Does the kernel automatically take in the "1" as I hit enter?
The firewall is off just in case it was spoiling something along the line.
Network Manager is on, perhaps it is doing something it shouldn't and I should switch it off and set the card up manually?
I'm also working on a script for iptables which configures the firewall so that spoofing is not possible on each machine.
Any help greatly appreciated.