This shows you the differences between two versions of the page.
| | dido:public:ra:xapend:xapend.a_glossary:m:mitm [2021/08/05 12:41] murphy | | dido:public:ra:xapend:xapend.a_glossary:m:mitm [2022/01/18 11:40] (current) nick |
|---|---|---|---|
| Line 1: | Line 1: | ||
| ===== Man-in-the-Middle (MiTM) Attack ===== | ===== Man-in-the-Middle (MiTM) Attack ===== | ||
| - | [[dido:public:ra:xapend:xapend.a_glossary| Return to Glossary ]] | + | [[dido:public:ra:xapend:xapend.a_glossary:start| Return to Glossary ]] |
| A **Man-in-the-Middle (MiTM) Attack** is one in which the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other. The attack is a type of eavesdropping in which the entire conversation is controlled by the attacker. Sometimes referred to as a session hijacking attack, MiTM has a strong chance of success when the attacker can impersonate each party to the satisfaction of the other. MiTM attacks pose a serious threat to online security because they give the attacker the ability to capture and manipulate sensitive information in real-time. | A **Man-in-the-Middle (MiTM) Attack** is one in which the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other. The attack is a type of eavesdropping in which the entire conversation is controlled by the attacker. Sometimes referred to as a session hijacking attack, MiTM has a strong chance of success when the attacker can impersonate each party to the satisfaction of the other. MiTM attacks pose a serious threat to online security because they give the attacker the ability to capture and manipulate sensitive information in real-time. | ||
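Review bot: the label on the changed "Return to Glossary" link still carries padding spaces on both sides ("| Return to Glossary ]]"), which become part of the link text. Since this line is being edited anyway, trim the label to "|Return to Glossary]]" so it matches the unpadded labels used for the other internal links on this page, such as "|authentication]]".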
| Line 6: | Line 6: | ||
| A common method of executing a MiTM attack involves distributing malware that provides the attacker with access to a user’s Web browser and the data it sends and receives during transactions and conversations. Once the attacker has control, he can redirect users to a fake site that looks like the site the user is expecting to reach. The attacker can then create a connection to the real site and act as a proxy in order to read, insert and modify the traffic between the user and the legitimate site. Online banking and e-commerce sites are frequently the targets of MITM attacks so that the attacker can capture login credentials and other sensitive data. | A common method of executing a MiTM attack involves distributing malware that provides the attacker with access to a user’s Web browser and the data it sends and receives during transactions and conversations. Once the attacker has control, he can redirect users to a fake site that looks like the site the user is expecting to reach. The attacker can then create a connection to the real site and act as a proxy in order to read, insert and modify the traffic between the user and the legitimate site. Online banking and e-commerce sites are frequently the targets of MITM attacks so that the attacker can capture login credentials and other sensitive data. | ||
| - | Most cryptographic protocols include some form of endpoint [[dido:public:ra:xapend:xapend.a_glossary:a:authentication|authentication]] specifically to prevent MITM attacks. For example, the Transport Layer Security (TLS) protocol can be required to authenticate one or both parties using a mutually trusted certification authority. Unless users take heed of warnings when a suspect certificate is presented, however, a MITM attack can still be carried out with fake or forged certificates. | + | Most cryptographic [[dido:public:ra:xapend:xapend.a_glossary:p:protocol|protocols]] include some form of [[dido:public:ra:xapend:xapend.a_glossary:e:endpoint|endpoint]] [[dido:public:ra:xapend:xapend.a_glossary:a:authentication|authentication]] specifically to prevent MITM attacks. For example, the [[dido:public:ra:xapend:xapend.a_glossary:t:tls]] protocol can be required to authenticate one or both parties using a mutually trusted [[dido:public:ra:xapend:xapend.a_glossary:c:ca]]. Unless users take heed of warnings when a suspect [[dido:public:ra:xapend:xapend.a_glossary:d:digital_certificate]] is presented, however, a MITM attack can still be carried out with fake or forged Digital Certificates. |
| - | An attacker can also exploit vulnerabilities in a wireless router’s security configuration caused by weak or default passwords. For example, a malicious router, also called an evil twin, can be set up in a public place like a café or hotel to intercept information traveling through the router. Other ways that attackers often carry out man-in-the-middle attacks include [[dido:public:ra:xapend:xapend.a_glossary:a:arpspoof|Address Resolution Protocol (ARP) Spoofing]], [[dido:public:ra:xapend:xapend.a_glossary:d:dns]] spoofing, Spanning Tree Protocol (STP) mangling, port stealing, Dynamic Host Configuration Protocol (DHCP) spoofing, Internet Control Message Protocol (ICMP) redirection, traffic tunneling, and route mangling. | + | An attacker can also exploit vulnerabilities in a wireless router’s security configuration caused by weak or default passwords. For example, a malicious router, also called an evil twin, can be set up in a public place like a café or hotel to intercept information traveling through the router. Other ways that attackers often carry out man-in-the-middle attacks include [[dido:public:ra:xapend:xapend.a_glossary:a:arpspoof|Address Resolution Protocol (ARP) Spoofing]], [[dido:public:ra:xapend:xapend.a_glossary:d:dns]] spoofing, Spanning Tree Protocol (STP) mangling, port stealing, [[dido:public:ra:xapend:xapend.a_glossary:d:dhcp|Dynamic Host Configuration Protocol (DHCP)]] spoofing, Internet Control Message Protocol (ICMP) redirection, traffic tunneling, and route mangling. |
| Source: [[https://internetofthingsagenda.techtarget.com/definition/man-in-the-middle-attack-MitM ]] | Source: [[https://internetofthingsagenda.techtarget.com/definition/man-in-the-middle-attack-MitM ]] | ||
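Review bot: on the "+" line for the cryptographic protocols paragraph, the new links to t:tls, c:ca and d:digital_certificate have no label, unlike the "|protocols", "|endpoint" and "|authentication" links beside them. The source therefore no longer spells out "Transport Layer Security (TLS)" or "certification authority", and the displayed text depends entirely on the target pages. Add explicit labels that keep the removed wording, for example "t:tls|Transport Layer Security (TLS)" and "c:ca|certification authority". The same line ends with "Digital Certificates" capitalized mid-sentence where the old text had "certificates"; either link that occurrence too or keep it lower-case. The paragraph also mixes "MITM" with the "MiTM" used in the heading, which could be normalized in the same edit.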