Definition | Man-in-the-middle attack-Man-in-the-middle attack-MITM-Zimo News


In French called “man-in-the-middle attack”, an attack middleman Is a Network attacks Interference between 2 communicating entities to intercept or modify communications and Steal data. These entities can be people physical, Company and serverThe attacker can pretend to be one or two targets, or remain passive.This type of attack, also known as MITM, has been around for a long time, but nothing like Phishing Because it must target the victim or at least a network.

What is an attack middleman ?

Hackers will use An attack middleman (Or MITM) is used to restore data.Then he can Use them, Change or delete them. These data can be email account data, Bank Account Or, for example, a messaging system. The main reasons for such attacks are data theft, identity theft and illegal transfer of funds to foreign accounts.

There are some ways to protect yourself:

  • Pay attention to the URL displayed in the browser;
  • Use VPN;
  • Don’t connect to wireless network people;
  • Only connect to HTTPS sites;
  • Keep its operating system and its software up to date ;
  • Automatically verify authenticity Certificate Provided by the browser;
  • Use one Password manager,with permission password Complex and different from one site to another;
  • choose2 factor authentication When free;
  • If necessary, use end-to-end encryption;
  • Watch out for accidental disconnection.

How the attack works middleman ?

If the desired target is always the same, there are several types of attacks middleman.

Listen to Wi-Fi network

Attackers can “eavesdrop” on public Wi-Fi network traffic and even create a fake Wi-Fi network that people can connect to. This is a dangerous attack, and it is easy to set up.

ARP deceive

ARP is protocol of Resolution address. Spoof In English it means to deceive.The attacker disguised as bridge Network using network analyzer pack, is also called Network sniffer in English. When the victim connects to the network, it actually connects to the attacker who normally transmits data. The victim can’t see any anomalies, and the attacker can observe all the traffic.

Domain Name System Cache poisoning

The meaning of DNS Domain Name System, Or system domain name In French.An attack middleman IsCache poisoning DNS.The attacker provided false entries Domain Name System Link to a fake website. Users believe that they are on the right website and naturally enter their data, such as email account data. The attacker can also route the user’s network to their computer, and then route from their computer to the real website.

HTTPS deceive

One type of attack involves using the user’s trust in the HTTPS URL.The attacker created a fake website with a certificateverify URLs that are valid and almost indistinguishable from the real website, for example by changing the value Unicode One character (do not change the character).this Phishing It is a good way for users to visit related websites.Once the authentication certificate is stored on the victim’s computer, the attacker will relay the traffic to the real site pass through His computer.

Session hijacking

During the session hijacking, the attacker waits for the victim to connect to a web page, such as his bank website.Then he stole Session cookie Connect to the same account from the browser. He can therefore use the victim’s account.

You will also be interested

[EN VIDÉO] What is a cyber attack?
With the development of the Internet and the cloud, cyber attacks have become more frequent and complex. Who is behind these attacks and what is the purpose? What are the hacking methods and what are the largest cyber attacks?

Interested in what you just read?

Source link


Please enter your comment!
Please enter your name here