demonstrating an attack

I am a networking instructor in an IT training insttute in Nigeria and want to demonstrate a man in the middle attack for my students aka ARP poisoning.

I downloaded an etercap, some other network sniffers and cain and abel.

1. I want a methodology to the experiment
2. I am goint to be using a window xp platform of three xp boxes connected to a switch

thanks

All you need to acheive this is Cain and Abel, it should be simple to demonstrate from there.

I would setup a Windows 2003 server with IIS and switch on Authentication.

Then have a Windows XP host that you will use to connect to the IIS (with username/password)

Then have a Windows XP machine with Cain and Abel installed. Setup the Arp Poisoning within Cain and get someone to access the Webserver. Cain will capture the authentication attempt and will do the password crack (if NTLM) or its much simpler if its just clear text.

Cheers

Wayne

ok , its quite simple. but I intend to use an xp OS as the server since it has some server capability

thanks

Should be ok also since it will have HTTP Server functionality, principle will still be the same.

Cheers

thanks
smurf you are the man