Man in the Middle

From
Jump to navigation Jump to search

Man in the Middle attacks generally allow an attacker to get in the middle of other hosts communication. Any information in between these hosts can be read, blocked or even altered by the attacker. An attacker being in the middle does not necessarily mean he physicly interupted the other hosts connection to put himself in the middle. Other ways to get in the middle of other hosts communication are several Spoofing techniques, which let hosts in the network think, the attacker is someone else. Dangerous in this context is especially if the attacker lets a host believe he's the gateway.

Once in the middle of other hosts communication, the attacker can easily intercept encrypted connections, sniff passwords, or inject false data into connections. Tools like Ettercap automate this process, by supporting severel Man in the Middle attacks (ARP poisoning, Icmp redirect, Port stealing, DHCP spoofing), sniffing techniques and even mechanisms to intercept SSH and HTTPS connections by delivering almost identical copies of original the certificates.

Retrieved from "https://sarwiki.informatik.hu-berlin.de/index.php?title=Man_in_the_Middle&oldid=549"