|
Man-in-the-Middle attack (MitM) definition
Posted by: Margaret
Rouse
Contributor(s):
Mike Cobb
is one in which the attacker secretly intercepts and
relays messages between two parties who believe they are communicating directly
with each other.
MiTM attacks pose a serious threat to online security
because they give the attacker the ability to capture and manipulate sensitive
information in real-time. The attack is a type of eavesdropping in which the
entire conversation is controlled by the attacker. Sometimes referred to as a
session hijacking attack, MiTM has a strong chance
of success when the attacker can impersonate each party to the satisfaction of
the other.
A common method of executing a MiTM attack involves
distributing malware that provides the attacker
with access to a user’s Web browser and the data it sends and receives during
transactions and conversations. Once the attacker has control, he can redirect
users to a fake site that looks like the site the user is expecting to reach.
The attacker can then create a connection to the real site and act as a proxy
in order to read, insert and modify the traffic between the user and the
legitimate site. Online banking and e-commerce sites are frequently the target
of MITM attacks so that the attacker can capture login credentials and other
sensitive data.
Most cryptographic protocols include some form of
endpoint authentication specifically to prevent MITM attacks. For example, the
Transport Layer Security (TLS) protocol can be required to
authenticate one or both parties using a mutually trusted certification
authority. Unless users take heed of warnings when a suspect certificate is
presented, however, an MITM attack can still be carried out with fake or forged
certificates.
An attacker can also exploit vulnerabilities in a
wireless router’s security configuration caused by weak or default passwords.
For example, a malicious router, also called an evil twin, can be setup in a
public place like a café or hotel to intercept information traveling through
the router. Other ways that attackers often carry out man-in-the-middle attacks
include Address Resolution Protocol (ARP) spoofing, domain name system (DNS) spoofing, Spanning Tree Protocol (STP) mangling, port stealing, Dynamic Host
Configuration Protocol (DHCP) spoofing, Internet Control Message
Protocol (ICMP) redirection, traffic tunneling and
route mangling.
| ||||||
| ============================================== |
https://www.youtube.com/watch?v=HTgYHHKs0Zw&__scoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618
==============================================
**Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:
www.tabularosa.net
In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:
www.amazon.com/author/paulbabicki
If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications.
Lastly, I
am the founder and president of Tabula
Rosa Systems, a company that provides “best of breed” products for network,
security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT
product information for virtually anyone.
==============================================
No comments:
Post a Comment