MAN IN THE MIDDLE ATTACK !!!! ALL YOU NEED TO KNOW
Protecting our data online is never an easy task, especially now that attackers regularly invent new techniques and exploits to steal data. Sometimes their attacks are not very harmful to individual users, but large-scale attacks on popular websites or financial databases can be highly dangerous. In most cases, attackers first try to push malware onto the user’s machine. Sometimes this technique doesn’t work, however.
A man-in-the-middle attack is a type of cyberattack in which a malicious actor inserts himself or herself into a conversation between two parties, impersonates both parties and gains access to the information that the two parties were trying to send to each other. It allows the malicious actor to intercept, send and receive data meant for someone else, or not meant to be sent at all, without either party knowing until it is too late. The name is abbreviated in several ways, including MITM, MitM, MiM or MIM.
What is a man-in-the-middle attack
A popular method is the man-in-the-middle attack. It is also known as a bucket brigade attack, or sometimes a Janus attack in cryptography. As its name suggests, the attacker sits between two parties, making them believe that they are talking directly to each other over a private connection, when the entire conversation is actually being controlled by the attacker.
A man-in-the-middle attack can succeed only when the attacker can impersonate each party to the satisfaction of the other, which makes it an attack on mutual authentication. Most cryptographic protocols include some form of endpoint authentication, specifically to block MITM attacks on users. The Secure Sockets Layer (SSL) protocol, for example, can authenticate one or both parties using a mutually trusted certification authority.
How it works
Let’s say there are three characters in this story: Mike, Rob, and Alex. Mike wants to communicate with Rob. Meanwhile, Alex (the attacker) wants to intercept the conversation to eavesdrop and carry on a false conversation with Rob on behalf of Mike. First, Mike asks Rob for his public key. When Rob sends his key to Mike, Alex intercepts it, and this is how the “man-in-the-middle attack” begins. Alex then sends Mike a forged message that claims to be from Rob but includes Alex’s public key. Mike believes that the received key belongs to Rob, when that is not true. Mike innocently encrypts his message with Alex’s key and sends the encrypted message back to Rob.
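The substitution above is caught if Mike compares the key he receives against a fingerprint of Rob's key obtained over a separate, trusted channel. The following Python is an added example, not code from the original post; `PinStore`, `deliver` and the random bytes standing in for public keys are assumptions made for illustration. It also goes one step beyond the story by showing what happens when the first key seen is pinned without verification.

```python
import hashlib
import hmac
import secrets


def fingerprint(public_key: bytes) -> str:
    """SHA-256 fingerprint of a public key, as lowercase hex."""
    return hashlib.sha256(public_key).hexdigest()


class PinStore:
    """Hypothetical helper: remembers one key fingerprint per peer."""

    def __init__(self):
        self._pins = {}

    def check(self, peer, received_key, out_of_band_fp=None):
        got = fingerprint(received_key)
        expected = out_of_band_fp or self._pins.get(peer)
        if expected is None:
            # First contact with nothing to compare against: the key is
            # pinned, but a substitution at this moment goes unnoticed.
            self._pins[peer] = got
            return "pinned-unverified"
        if not hmac.compare_digest(got, expected):
            return "mismatch"  # do not encrypt anything to this key
        self._pins[peer] = got
        return "verified"


def deliver(key, substitute=None):
    """Constructed stand-in for the network: the key Mike actually receives."""
    return substitute if substitute is not None else key


def demo():
    # Constructed sample data: random bytes in place of real public keys.
    rob_key, alex_key = secrets.token_bytes(32), secrets.token_bytes(32)
    rob_fp = fingerprint(rob_key)  # learned in person or from a CA-signed certificate
    results = {
        "honest": PinStore().check("rob", deliver(rob_key), rob_fp),
        "substituted": PinStore().check("rob", deliver(rob_key, alex_key), rob_fp),
    }
    # Without an out-of-band fingerprint the first key seen is trusted blindly,
    # so Rob's genuine key is the one that later fails the check.
    store = PinStore()
    results["first_contact"] = store.check("rob", deliver(rob_key, alex_key))
    results["later"] = store.check("rob", deliver(rob_key))
    return results
```

A `mismatch` result means the key did not come from the party whose fingerprint Mike trusts, so nothing should be encrypted to it.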
In the most common MITM attacks, the attacker uses a WiFi router to intercept the user’s communication. This can be done by compromising a router with malicious programs that intercept users’ sessions on that router. Here, the attacker first configures a laptop as a WiFi hotspot, choosing a name commonly used in a public area, such as an airport or coffee shop. Once a user connects to that malicious router to reach websites such as online banking or commerce sites, the attacker logs the user’s credentials for later use.
Man-in-the-middle attack prevention & tools
Most of the effective defences against MITM are found only on the router or the server side, so as a user you have no dedicated control over the security of your transaction. What you can do is use strong encryption between the client and the server. In this case the server authenticates itself in response to the client’s request by presenting a digital certificate, and only then is the connection established.
Another way to prevent such MITM attacks is never to connect to open WiFi routers directly. If you wish to do so, you can use a browser plug-in such as HTTPS Everywhere or ForceTLS. These plug-ins help you establish a secure connection whenever the option is available.