Man in the Middle (MiM) attacks are cyber attacks where an adversary/attacker is positioned between two communicating parties in order to intercept and/or alter data traveling between them. In the context of authentication, the attacker would be positioned to intercept and maliciously alter or inject data between claimer parties trying to obtain information and verifier parties trying to release that information during online handshakes.
In other words, it is a form of active wiretapping attack, in which the attacker hijacks the transaction, infultraites it, and becomes the conduit through which he selectively modifies, adapts or alters communicated data by passing himself off as one of the legitimate parties in the cyber dialogue. This attack could target communnications such as a bank transaction or an email.
Man in the middle is also known as "session hijacking" or the Fire Brigade attack.
- SSL connections may prevent you from connecting through the MiM. Enforce the use of File-Encrypt (Other encrypted files) on any file you don't want intercepted.
- WEP is vulnerable if a Key is found and could result in text being decrypted - look for alternatives.
0 Comments