Man-In-The-Middle-Attack Explained

Man In The Middle Attack

By using man-in-the-middle-attack method you can intercept a communication between two systems and also you can modify the information passing to a computer.

In the case of a connection between client and server, the attacker splits the TCP connection into two. One between client and attacker and one between server and attacker.

The attacker uses the tool, that can act as a server to the client and client to the server. This powerful attack can capture a session cookie (which can be used to hijack the session) and also can be used to change the amount of money transactions.

This attack can also implement in SSL connection. That is, the attacker establishes SSL connection to the web server and victim's browser establishes SSL connection to attacker.

MITM Attack Tools :

  • Cain and Abel 
  • Ettercap 
  • Dsniff 
  • Packet Creator 
  • Netcat 

How To Prevent MITM Attack

  • In the case of SSL connection, the browser may warn you that "The digital certificate of server is not valid". If you ignore the notification, it may leads to cause a malicious activity on your web accounts. 
  • Use latest version of high security web-browsers (Eg: Mozilla FireFox etc).

No comments

Powered by Blogger.