what is Men In The Middle Attack?

-

Men In The Middle Attack


"Men in the middle is a security attack, which is based on eavesdropping, being used to get sensitive information transmitting between user and server by means of getting access or entry in the middle with the help of relay/proxy to eavesdrop in sensitive information."

MITM(Men In The Middle) is a very common attack, which is also termed as Meet In The Middle attack is a kind of eavesdropping attack to listen or gain access on private conversation or data being transferred between user and the server without user and server consent. Men In The Middle Attack is used to breach AES(Advanced Encryption Standard) algorithm used in encryption. Because AES works on Symmetric key encryption, so if an intruder takes place in between or middle he can sniff key to decrypt the data.


How Does it work

Men In The Middle attack works in a very simple manner, a hacker or an intruder gain access in between a private conversation or data transferring session and behaves like data is directly transferring from the authentic server to the authentic user and vice versa, but in actual the data is being compromised in the middle by a hacker or intruder. The main connection between user and server broken and then both server and user are connected with the middle system or compromised system so that all data can be transferred through the compromised PC or hacker's PC.

Lets have a look into a scenario, bob and betsy communicating with each other, in this conversation an intruder gain access in this chat now betsy ask bob to his account no. to transfer funds (remember all messages being passed through hacker and if he wants he can reply you instead Bob) now hacker read the chat and send his own account number to betsy, then betsy send money to the hacker and they both don't know what is happening but when they get it. It is too late.

How to protect yourself from MITM attack


In order to protect yourself you need to be aware while surfing online that the site you are surfing or using for transactions is secured by HTTPS or VPN. Today HTTPS is also not secure but not that easy to break. Only use sites which displays green padlock in URL bar. Please do not use expired certificate site which displays a crossed HTTPS in your browser's URL bar. You can trust HTTPS because it is verified by SSL certificate means the server and resources you are using are reliable and provides you a secure channel which protects you from malicious users and hackers or from MITM attack too.

Please keep learning from computerflicks, because it is beyond computing.

Comments

Post a Comment

Popular posts from this blog

How do you host your website on free web hosting services or free web hosting sites?

-
What is web hosting? If you have a website, which is basically a collection of static or dynamic web pages and you want to make your site data public then you need a server which can store your pages in it, so that these pages can be invoked by users. You can also use your system as a server to host your site on your own computer. But you have some limitations when you host your site on your own computer as follow: 1. You need high speed internet to make your site available on the internet every time or 24x7. 2. If your site is dynamic and store some sort of user information then you need a proper backup for your site, which is costly. The alternate of the above process is to host your site on the paid or free web hosting companies . There is a list of paid and free hosting companies. Paid Service Web Hosting Companies 1. Hostgator.com 2. Bigrocks.com 3. Godaddy.com 4. Bluehost.com Free Service ...
Read more

What is NFC?

-
Image
NFC(Nearest Field Communication) NFC stands for Nearest Field Communication, is a technology included in mobile phones mainly high end smart phones to communicate with the nearest device by means of just tapping your device with another one which is also NFC enabled in order to transmit your data from one device to another in a very fast and efficient way. NFC is more than that in some countries. It is about to replace your debit and credit cards with your mobile phone. Now your mobile phone is going to become more smarter than traditional smart phones. NFC is an advanced version of RFID which stands for Radio Frequency Identification. In future NFC enabled devices would be everywhere to provide you convenience so that you can handle your data transfer, toll tax transactions, shopping in the malls and also from your computer to handle your transaction in few seconds and in many cases without your intervention. This technique is mainly a part of "on the go" technology...
Read more

Meaning of ping, Ip config, Trace-rt and netstat commands in Networking.

-
In the field of networking, sometimes some basic commands are very necessary to keep in mind because they help us to Know a lot of things like how to get the Ip address of a URL?, How to check that there is a connection established between client and server ?, How to trace the route of packets or get the IP address of the routers through your packet is coming ?, How to know your IP and MAC address ? and How to get the IP address of any system connected in a LAN (Local Area Network) ? So let me explain each of them one by one in this post. PING PING stands for Packet Internet Gopher and it is a utility software of windows operating system and often used to check the connection establishment between your PC and server e.g, it may your ISP's (Internet Service Provider) Server, if you are unable to use Internet while using broadband service you can ping your ISP server to get the connection. Basically it is used to estab...
Read more