What is MITM? How to Attack & Prevent?
Man-in-the-Middle Attack
A man-in-the-middle (MITM) attack is considered an active attack, in which an attacker creates a connection between the targets. A man-in-the-middle attack is a risk to your privacy.
In this attack, the victims think that they are communicating with each other, but in reality the attacker controls and monitors all the traffic. The attacker impersonates a legitimate user to both targets. The attacker sits between the victims and all the traffic goes through him, so he can do whatever he wants with the data.
The purpose of this attack is to steal private information such as passwords, account information, credit card details, etc.
A MITM attack lets the attacker intercept the information and send any information to the victims.
To make our communication secure, we must ensure the following three attributes:
- Confidentiality – Only the authorized user is able to access the information.
- Integrity – Information should not be altered by an unauthorized person.
- Authenticity – Only authentic users are able to communicate.
The following are some software tools used for man-in-the-middle attacks:
- Ettercap
- Air Jack
- Cain and Abel
- WinSniff
- Evilgrade
Prevention
- Man-in-the-middle attacks can be prevented by using SSL/TLS. This provides a secure, encrypted connection between your system and your server, so all information is transmitted in encrypted form.
- Do not perform any sensitive or financial transaction while using an open or public Wi-Fi connection, because most of the time open connections are not safe.
- Sign out of your account immediately when you are not using it. If you leave it open, your session can be hijacked.
- Do not use any website if you see an alert or warning pop-up message saying that the website is not secure.
- Always verify that the URL of the website you want to visit shows “HTTPS”, with the “S”.
The following are some types of man-in-the-middle attack:
- IP spoofing
- DNS spoofing
- HTTPS spoofing
- Wi-Fi Eavesdropping
- Email Hijacking
- SSL Hijacking