Yes. As Ketchup noted, Ettercap (and other ARP spoofing tools) can be used for both legitimate and illegitimate reasons. Ettercap is a very quick and easy tool to use, to show the security (or lack thereof) of web-based SSL solutions, such as some vendors' SSLVPNs, as well as other applications. However, even as it was born as more of a pentest / hack tool, it also comes in very handy, for the same features, for sniffing switched network traffic and other data. Laura Chappell talks about it a lot in her Network Analysis classes and presentations, if you follow her, at all.
ArpON, one of the first tools noted in the Defenses section of the Wikipedia article Ketchup mentions, is a VERY handy tool for combating this type of attack, and is used in many of the SSLVPN-type scenarios I mentioned, above, to reduce the man-in-the-middle attacks against them.
Definitely worth learning about the ARP capabilities of Ettercap, if you intend to pentest any sorts of secure web applications, to look for vulnerable apps and login methods. In fact, I JUST tested a solution from an SSLVPN vendor for one of my clients, and demonstrated how easy it was to grab login credentials, which, in turn, would give the attacker credentials to log in to the rest of the network / servers in the environment. Was sad, as I grabbed the credentials of one of their admins, who decided to log in from a hotspot at McDonald's. <grin> Made a strong case for my recommendation that they add dual-factor authentication, such as tokens (which randomize), to their logins, to prevent, at least, remote access. While they didn't totally do it right (they put BOTH password and token fields on the same page, so they'll still disclose the network password) and have some tweaking to do, they quickly realized the danger in their original configuration, and added value to my services to them.
So spend some time studying the use of ARP attacks, and how they can be used for both illegitimate, as well as analysis purposes. You'll find it useful.
~ hayabusa ~
"All men can see these tactics whereby I conquer,
but what none can see is the strategy out of which victory is evolved."
- Sun Tzu, 'The Art of War'
OSCE, OSCP (Former - GPEN, C|EH - both expiring / expired)