Types of Man-in-the-Middle Attacks
- Rogue Access Point: Devices with wireless cards frequently try to automatically connect to the access point with the strongest signal. Attackers can set up their wireless access points and nearby devices joining their domain.
- ARP Spoofing: ARP stands for Address Resolution Protocol. It converts IP addresses to physical MAC (media access control) addresses in a local area network. When a host needs to communicate with a host with a specific IP address, it uses the ARP cache to convert the IP address to a MAC address. If the address is unknown, a request is sent for the MAC address of the device associated with the IP address.
- DNS Spoofing: DNS resolves domain names to IP addresses in the same way as ARP does on a local area network. In a DNS spoofing attack, the attacker tries to inject faulty DNS cache information into a host to visit another host using their domain name.
- Email phishing: A threatening attacker uses a false email to attempt to get access to sensitive data. Phishing scams sometimes use emails spoofing official sources, such as a corporate executive or a bank representative, to get login credentials, account information, and other information from consumers.
- Router spoofing: One of the most common man-in-the-middle attacks is router spoofing, which occurs when an attacker with malicious intent establishes a fake wifi network that replicates proper networks in the area to mislead people into connecting. Once they do, the attacker gains access to the data streaming from the user’s device.
How to Prevent Man In the Middle Attack?
In a web application, there are two things usually: the client and the server. The third entity that remains unnoticed most of the time is the communication channel. This channel can be a wired connection or a wireless connection. There can be one or more servers in the way forwarding your request to the destination server in the most efficient way possible. These are known as Proxy servers.
Contact Us