I've been playing around with cracking my WEP, ARPspoofing and SSLstrip, which is awesome.
However, what if i wanted to "reverse" the process to create a honeypot? Let's say i create a WEP network, which get hacked, and i would want to identify the hacker by f.example facebook.
Having the router forward all packets incoming on port 80/443 to port 5555 on my computer running SSLstrip/ettercap, which then again forwards the traffic to port 80/443 on my router and out on the internet. Would that work? I would like to eliminate the ARPspoof process.
Also, does anyone have any better ideas? I was thinking of port mirroring but that wouldnt eliminate the SSL if im not mistaken.
Maybe a simple solution is setting up a computer with 2 NIC's?