Bandwidth exhaustion in an ad hoc network can seriously downgrade communication quality and cause denial of service (DoS). This paper studies a set of attack approaches to exhaust bandwidth, which follow protocols and are hard to detect. From early researches, it is clear that an attacker can misuse media access control (MAC) and routing protocols to cause DoS. However, we find that an attacker can steal or seize bandwidth from others while being a "good" node. This paper also clarifies some misunderstandings about the nature of bandwidth exhaustion. For example, some people believe that nodes can get the same amount of bandwidth if they demand the same, and attackers can always cause serious DoS by demanding more bandwidth. This study results in a family of intriguing findings. For example, this study finds that in IEEE 802.11 networks (a) nodes demanding the same amount of band-width may get very different bandwidth, and (b) demanding more bandwidth does not always enable the attacker to steal more bandwidth from the legitimate nodes. These findings not only show that attackers can take advantage over legitimate nodes via a deliberate selection of attack parameters, but also provide insights on how to effectively counteract bandwidth exhaustion in ad hoc networks.