Man-in-the-Middle Attack Techniques
- Sniffing: Packet sniffing is a man-in-the-middle attack in which an attacker captures and analyses network communication. The attacker can then examine and manipulate the data that is transmitted between two devices.
- Packet Injection: An attacker may also use the device’s monitoring mode to inject malicious packets into data communication streams. The packets might mix in with real data transmission streams, giving the impression that they are part of the conversation but are harmful. Packet injection normally starts with sniffing to establish how and when to create and deliver packets.
- SSL Stripping: SSL stripping is a form of man-in-the-middle attack in which an attacker tries to degrade an encrypted HTTPS connection to HTTP. The attacker can then view and alter the data being transmitted between two devices.
- Eavesdropping: Eavesdropping is a type of man-in-the-middle attack in which an attacker listens to an ongoing communication session between two computers. The attacker can then view and alter the data being transmitted between two devices.
How to Prevent Man In the Middle Attack?
In a web application, there are two things usually: the client and the server. The third entity that remains unnoticed most of the time is the communication channel. This channel can be a wired connection or a wireless connection. There can be one or more servers in the way forwarding your request to the destination server in the most efficient way possible. These are known as Proxy servers.
Contact Us