
   Our software never has bugs.
   It just develops random features.   ;)


KNOWN-BUGS

   - It is best that you don't launch ettercap on a host that is a gateway
      because man-in-the-middle attacks require disabling ip_forwarding, it may
      cause problems with routing. But if you want to scan the LAN passively
      the gateway is the right place to run ettercap... so be aware of what you
      are doing.

   - You cannot use plugins on yourself.
      outgoing link layer packets are not captured by the same socket, so they
      will be ignored.

   - While poisoning on a switched LAN, ettercap won't sniff the traffic made
      by your host to others. the technical reason is: otherwise ettercap will
      forward your packets two times (and this is not good...) the artistic
      reason is: why sniffing yourself with a man-in-the-middle method ? use
      simple sniffing instead ! ;)

   - While sniffing in Public ARP mode, ettercap can "view" only one way of
      the connection, so some protocol dissectors can fail...(not really a bug,
      just something to be aware of)

   - under X11 resizing the xterm can give a corrupted visualization
      of the interface. SIGWINCH is *partially* supported.

   - ettercap doesn't handle fragmented packets... only the first segment
      will be displayed by the sniffer. However all the fragments are
      correctly forwarded.

   - the ncurses interface is very slow !! so if you want to log and view ALL
      the packets without losing any, use the command line mode

   - under WINDOWS the pdcurses interface is unstable.
      sometimes it freeze up. this is a bug of the pdcurses library...


+ please send bug-report, patches or suggestions to <alor@users.sourceforge.net>
  or visit http://ettercap.sourceforge.net/forum/  and post it in the BUGS section.

+ to report a bug, recompile ettercap with 'configure --enable-debug'
  and attach ettercap_debug.log to the mail in which you explain the problem.

  Thanks to all !!
