Man-in-the-Middle Attack (MITM)

Abdul Wadud Chowdhury
Published in Oceanize Lab Geeks
Nov 30, 2017

o Introduction:

A Man-in-the-Middle (MITM) attack occurs when communication between two systems is intercepted by an outside entity. This can happen within any network or any form of online communication, such as email, social media, web surfing, online banking, etc.

The common goal of an attack is to steal personal information or to gain login credentials, account details, credit card numbers or digital resources.

Targets are typically the users of financial applications, e-commerce sites, social sites, mail portals and other websites where logging in is required.

o Activity:

There are two types of activity that can be carried out in a MITM attack:

1. The intruder reads the content and changes it to mislead the receiver. It is an active attack by nature.

2. The intruder reads the content but does not change it. It is a passive attack by nature. This activity is more dangerous because it is often hard to identify that someone is monitoring the communication and benefiting from it.

o Techniques Used in MITM Attacks:

Common techniques used in MITM attacks are:

1. Rogue Access Point

2. Address Resolution Protocol (ARP) Spoofing

3. Domain Name System (DNS) Spoofing

4. Multicast Domain Name System (mDNS) Spoofing

5. Spanning Tree Protocol (STP) mangling

6. Internet Control Message Protocol (ICMP) redirection

7. Dynamic Host Configuration Protocol (DHCP) spoofing

o Common Precautions:

1. Use Strong WEP/WPA Encryption on Access Points

2. Use Virtual Private Network (VPN)

3. Force HTTPS over HTTP

4. Public Key Pair Based Authentication

5. Use trusted application or software.

6. Check whether the SSL certificate is trusted.

o Wrap Up:

The risk is very high: most official government communication is done by email, and people also carry out online transactions and put important content online.

We need to think about the security of digital communication. There is no fixed procedure to prevent the attack, so you have to keep up to date with new technologies.
