Hi guys,

I've been playing around with cracking my WEP, ARPspoofing and SSLstrip, which is awesome.
However, what if i wanted to "reverse" the process to create a honeypot?  Let's say i create a WEP network, which get hacked, and i would want to identify the hacker by f.example facebook.
Having the router forward all packets incoming on port 80/443 to port 5555 on my computer running SSLstrip/ettercap, which then again forwards the traffic to port 80/443 on my router and out on the internet.  Would that work?  I would like to eliminate the ARPspoof process.

Also, does anyone have any better ideas?  I was thinking of port mirroring but that wouldnt eliminate the SSL if im not mistaken.

Maybe a simple solution is setting up a computer with 2 NIC's?

Why not just make your MITM box the default gateway? Have the router give out the IP of that box for the gateway and boom, everyone is sending all traffic right through your machine. This is just for practice right? You're not setting this up trying to lure people into it are you?