What is a Man-in-the-middle attack?
In this attack, communications between two parties are intercepted and altered.
In short it is called MITM.
The two parties believe they are communicating directly with each other.
The attacker interrupts the communication between the two parties.
- It is a type of eavesdropping attack.
- It is also a type of session hijacking.
Mitigation:
- Use static ARP entries
- Use encryption
- Use an IPS (intrusion prevention system); it can detect sudden changes in network performance
- Use a VPN for a secure environment
How does a Man-in-the-middle attack work?
- The attacker interrupts a data transfer between the client and the server.
- The client believes it is still communicating with the intended server.
- The server believes it is communicating with the client.
- But there is a third party, the man in the middle, who listens to the data.
Another example:
The attacker sets up a fake chat service.
The attacker chats with the user to gain account information.
The user believes he or she is communicating with a bank representative, who is actually the attacker.
Types of Man-in-the-middle attacks:
Sniffing:
Here the attacker uses software to intercept (sniff) data.
Rogue Access Point / Evil Twin:
Here the attacker duplicates a trusted Wi-Fi network or sets up a wireless access point of their own.
Users believe they are signing in to the real (original) network.
The attacker then intercepts the data.
Session Hijacking or Side-jacking:
Here the attacker sniffs data packets,
steals session cookies and hijacks the user's session.
Once the attacker has access to the user's session, he can do anything.
Packet Injection:
Here malicious packets are injected into data communication streams.
SSL Stripping:
Hackers use SSL stripping to intercept packets
and alter HTTPS requests to their HTTP equivalent endpoint.
The host is then forced to make its requests to the server unencrypted.
In this way sensitive data can be leaked in the form of plain text.
What is ARP poisoning?
Also known as ARP spoofing.
Here hackers send falsified ARP messages onto a LAN
in order to link the hacker's MAC address with the IP address of a legitimate computer or server on the network.
It is used to carry out Man-in-the-middle attacks.
Mitigation:
- Use static ARP entries
- Detect ARP spoofing by using tools such as XARP
- Packet filtering
- Install antivirus software and keep its signatures updated.
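A minimal version of the check XARP-style tools perform, as an added example that is not part of the original notes: it watches a stream of ARP "is-at" replies for an IP whose MAC binding changes, or that contradicts a static (trusted) entry. The reply records and the function name are constructed for this example.

```python
from collections import defaultdict

# Constructed sample of observed ARP replies (not captured from a real network):
# (timestamp, sender IP, sender MAC). The gateway 192.168.1.1 is first seen
# from one MAC; later replies claim a different MAC for the same IP, and that
# MAC then also claims a second host's IP, which is what ARP poisoning looks like.
SAMPLE_ARP_REPLIES = [
    (1.0, "192.168.1.1", "aa:bb:cc:00:00:01"),
    (1.5, "192.168.1.20", "aa:bb:cc:00:00:20"),
    (2.0, "192.168.1.1", "aa:bb:cc:00:00:01"),
    (2.5, "192.168.1.30", "aa:bb:cc:00:00:30"),
    (3.0, "192.168.1.1", "aa:bb:cc:00:00:99"),   # conflicting MAC for the gateway
    (3.1, "192.168.1.20", "aa:bb:cc:00:00:99"),  # same MAC now also claims .20
]


def detect_arp_spoofing(replies, trusted=None):
    """Return a list of alert strings for suspicious IP -> MAC bindings.

    trusted: optional dict of IP -> expected MAC, playing the role of a
    static ARP table; any reply contradicting it is reported.
    A changed binding is an indicator, not proof: DHCP reassignment or a
    replaced NIC also changes a MAC, so alerts need a human follow-up.
    """
    trusted = {ip: mac.lower() for ip, mac in (trusted or {}).items()}
    seen = {}                      # IP -> first MAC observed for it
    mac_to_ips = defaultdict(set)  # MAC -> set of IPs it has claimed
    alerts = []
    for ts, ip, mac in replies:
        mac = mac.lower()
        if ip in trusted and trusted[ip] != mac:
            alerts.append(f"t={ts}: {ip} claimed by {mac}, static entry says {trusted[ip]}")
        if ip in seen and seen[ip] != mac:
            alerts.append(f"t={ts}: {ip} changed from {seen[ip]} to {mac}")
        seen.setdefault(ip, mac)
        mac_to_ips[mac].add(ip)
        # One MAC answering for several IPs is the classic poisoning pattern
        # (weaker signal on its own: routers and aliased hosts do this legitimately).
        if len(mac_to_ips[mac]) > 1:
            alerts.append(f"t={ts}: {mac} claims multiple IPs {sorted(mac_to_ips[mac])}")
    return alerts


if __name__ == "__main__":
    for line in detect_arp_spoofing(SAMPLE_ARP_REPLIES,
                                    trusted={"192.168.1.1": "aa:bb:cc:00:00:01"}):
        print(line)
```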