Hi, I have been reading a tutorial on ARP poisoning, seems simple enough, and I'm eager to try it out on my own network. I am using a tool called "arptoxin". I have 2 PC's on my network, and a router, and I want to intercept traffic between one of the pc's and the router. The following info is relevant: Router (default gateway)=> IP: 192.168.168.230 MAC: 00-50-fc-67-39-XX PC A (the pc that is to do the intercepting) => IP: 192.168.168.247 MAC 00-08-02-A8-21-YY PC B (the one whos traffic I am going to intercept) => IP: 192.168.168.245 MAC: 00-60-08-94-8d-ZZ Note, both of these PC's are mine, and I just want to practise the skill, nothing illegal going on here. Now what I recon I should do is: 1) Send an ARP reply to the router and replace PC b's mac address with PC a's 2) Send an ARP reply to PC b, replacing the default gateway's(routers) mac address with PC a's. 3) Set up IP forwarding on PC a to forward traffic to and from the router and PC b I am planning to use the following arptoxin commands (all from PC a): 1) arptoxin -ed 192.168.168.230 -sip 192.168.168.245 2) arptoxin -ed 192.168.168.245 -sip 192.168.168.230 3) NO idea how I am gonna go about doing this. Could someone please explain how I should go about doing IP forwarding, and how I should capture the traffic coming through PC a neatly (should I jsut use a packet capture program like Ethereal?). Also, are the commands for 1) and 2) correct?