This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | |||
|
dido:public:ra:xapend:xapend.a_glossary:m:mitm [2021/10/04 13:40] 50.19.247.197 ↷ Links adapted because of a move operation |
dido:public:ra:xapend:xapend.a_glossary:m:mitm [2022/01/18 11:40] (current) nick |
||
|---|---|---|---|
| Line 6: | Line 6: | ||
| A common method of executing a MiTM attack involves distributing malware that provides the attacker with access to a user’s Web browser and the data it sends and receives during transactions and conversations. Once the attacker has control, he can redirect users to a fake site that looks like the site the user is expecting to reach. The attacker can then create a connection to the real site and act as a proxy in order to read, insert and modify the traffic between the user and the legitimate site. Online banking and e-commerce sites are frequently the targets of MITM attacks so that the attacker can capture login credentials and other sensitive data. | A common method of executing a MiTM attack involves distributing malware that provides the attacker with access to a user’s Web browser and the data it sends and receives during transactions and conversations. Once the attacker has control, he can redirect users to a fake site that looks like the site the user is expecting to reach. The attacker can then create a connection to the real site and act as a proxy in order to read, insert and modify the traffic between the user and the legitimate site. Online banking and e-commerce sites are frequently the targets of MITM attacks so that the attacker can capture login credentials and other sensitive data. | ||
| - | Most cryptographic [[dido:public:ra:xapend:xapend.a_glossary:p:protocol|protocols]] include some form of [[dido:public:ra:xapend:xapend.a_glossary:e:endpoint|endpoint]] [[dido:public:ra:xapend:xapend.a_glossary:a:authentication|authentication]] specifically to prevent MITM attacks. For example, the [[dido:public:ra:xapend:xapend.a_glossary:t:tls]] protocol can be required to authenticate one or both parties using a mutually trusted certification authority. Unless users take heed of warnings when a suspect certificate is presented, however, a MITM attack can still be carried out with fake or forged certificates. | + | Most cryptographic [[dido:public:ra:xapend:xapend.a_glossary:p:protocol|protocols]] include some form of [[dido:public:ra:xapend:xapend.a_glossary:e:endpoint|endpoint]] [[dido:public:ra:xapend:xapend.a_glossary:a:authentication|authentication]] specifically to prevent MITM attacks. For example, the [[dido:public:ra:xapend:xapend.a_glossary:t:tls]] protocol can be required to authenticate one or both parties using a mutually trusted [[dido:public:ra:xapend:xapend.a_glossary:c:ca]]. Unless users take heed of warnings when a suspect [[dido:public:ra:xapend:xapend.a_glossary:d:digital_certificate]] is presented, however, a MITM attack can still be carried out with fake or forged Digital Certificates. |
| An attacker can also exploit vulnerabilities in a wireless router’s security configuration caused by weak or default passwords. For example, a malicious router, also called an evil twin, can be set up in a public place like a café or hotel to intercept information traveling through the router. Other ways that attackers often carry out man-in-the-middle attacks include [[dido:public:ra:xapend:xapend.a_glossary:a:arpspoof|Address Resolution Protocol (ARP) Spoofing]], [[dido:public:ra:xapend:xapend.a_glossary:d:dns]] spoofing, Spanning Tree Protocol (STP) mangling, port stealing, [[dido:public:ra:xapend:xapend.a_glossary:d:dhcp|Dynamic Host Configuration Protocol (DHCP)]] spoofing, Internet Control Message Protocol (ICMP) redirection, traffic tunneling, and route mangling. | An attacker can also exploit vulnerabilities in a wireless router’s security configuration caused by weak or default passwords. For example, a malicious router, also called an evil twin, can be set up in a public place like a café or hotel to intercept information traveling through the router. Other ways that attackers often carry out man-in-the-middle attacks include [[dido:public:ra:xapend:xapend.a_glossary:a:arpspoof|Address Resolution Protocol (ARP) Spoofing]], [[dido:public:ra:xapend:xapend.a_glossary:d:dns]] spoofing, Spanning Tree Protocol (STP) mangling, port stealing, [[dido:public:ra:xapend:xapend.a_glossary:d:dhcp|Dynamic Host Configuration Protocol (DHCP)]] spoofing, Internet Control Message Protocol (ICMP) redirection, traffic tunneling, and route mangling. | ||
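
Review bot: The two links added on the "+" side of the cryptographic-protocols paragraph, `[[dido:public:ra:xapend:xapend.a_glossary:c:ca]]` and `[[dido:public:ra:xapend:xapend.a_glossary:d:digital_certificate]]`, have no display text, unlike the `[[dido:public:ra:xapend:xapend.a_glossary:p:protocol|protocols]]` link earlier in the same sentence. The phrases "certification authority" and "certificate" from the previous revision are therefore gone from the source, and what the reader sees now depends on the target pages instead of on this sentence. Suggest adding explicit labels, for example `[[dido:public:ra:xapend:xapend.a_glossary:c:ca|certification authority]]` and `[[dido:public:ra:xapend:xapend.a_glossary:d:digital_certificate|certificate]]`. The closing "fake or forged Digital Certificates" is also capitalized and left unlinked, while the rest of the paragraph uses lower-case terms; "digital certificates" would be consistent. Separately, the unchanged context mixes "MiTM" and "MITM", which could be normalized in the same edit.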