Common types of MITM attacks and protection measures

The following list covers the common MITM attacks that you need to be aware of, along with a few protection measures against those attacks:

  • Sniffing: Also known as packet sniffing, in which attackers use widely and freely available packet capture tools, together with specific wireless devices, to inspect and monitor packets communicated over a network.
  • Packet injection: Injecting malicious packets into data communication streams in such a way that they blend in with valid data streams and appear as part of the original/intended communication.
  • SSL stripping: Altering HTTPS network communication to HTTP on the fly, and so making the communication insecure, is another form of MITM attack. The user may not even realize that they have been redirected to unsecured endpoints, and sensitive information leaks as plain text, which attackers quickly pick up.
  • Email hijacking: A very common type of MITM attack, in which attackers mimic a trusted site (for example, a bank's website), send an email with instructions to the targeted account, and convince the account holder to follow the instructions in the email, resulting in the catastrophic effect of losing their money, personal information, and so on.
  • Wi-Fi eavesdropping: This involves setting up exclusive Wi-Fi access points to lure users into connecting to and using the network. Once a user is connected to one of those Wi-Fi access points, attackers intercept and obtain their credentials, credit card information, and other sensitive information.
  • Session hijacking: Once the user logs in to an application with their credentials, the application generates a temporary token so that the user does not need to provide credentials again to access subsequent pages. However, an attacker can sniff and pick up that session token and use it to gain access to the user's account.
  • Protection measures: The protection measures against MITM attacks are as follows:
    • Secure/Multipurpose Internet Mail Extensions (S/MIME)
    • Public key infrastructure (PKI) based authentication certificates
    • SSL/TLS certificates
    • System and server configurations
    • HTTP Strict Transport Security (HSTS)
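
As an added example (not code from the book), the following Python sketch audits an HTTPS response for two of the defenses above: an HSTS header, which counters SSL stripping, and the Secure and HttpOnly flags on session cookies, which keep the session token off plain HTTP and away from scripts. The function names, the 180-day max-age threshold, the includeSubDomains requirement, and both sample responses are assumptions made for illustration.

```python
import re

MIN_MAX_AGE = 15552000  # assumed policy threshold (180 days), not from the page

def parse_headers(raw):
    """Return (lowercased name, value) pairs, keeping duplicates such as Set-Cookie."""
    pairs = []
    for line in raw.strip().splitlines()[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs

def audit(raw):
    """List findings that leave a response open to SSL stripping or token sniffing."""
    headers = parse_headers(raw)
    findings = []
    hsts = [v for n, v in headers if n == "strict-transport-security"]
    if not hsts:
        findings.append("HSTS header missing")
    else:
        # RFC 6797: a browser processes only the first HSTS header in a response.
        m = re.search(r'max-age\s*=\s*"?(\d+)', hsts[0], re.I)
        if not m or int(m.group(1)) < MIN_MAX_AGE:
            findings.append("HSTS max-age missing or below policy")
        if "includesubdomains" not in hsts[0].lower():
            findings.append("HSTS includeSubDomains missing")
    for name, value in headers:
        if name != "set-cookie":
            continue
        cookie = value.split("=", 1)[0].strip()
        attrs = {a.split("=", 1)[0].strip().lower() for a in value.split(";")[1:]}
        for flag in ("Secure", "HttpOnly"):
            if flag.lower() not in attrs:
                findings.append(f"cookie {cookie}: {flag} missing")
    return findings

# Constructed sample responses (status line plus headers), not real captures.
WEAK = """HTTP/1.1 200 OK
Set-Cookie: SESSIONID=abc123; Path=/
"""
HARDENED = """HTTP/1.1 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: SESSIONID=abc123; Path=/; Secure; HttpOnly; SameSite=Lax
"""

if __name__ == "__main__":
    for label, raw in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(raw) or "no findings")
```

Browsers honor HSTS only when the header arrives over HTTPS, so the audit is meaningful only for headers captured from the secure endpoint.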