Common Network Attack Strategies: Man in the Middle - dummies

Common Network Attack Strategies: Man in the Middle

By Edward Tetz

The man-in-the-middle network attack strategy is a type of masquerade attack that works like this: If the network attacker places herself between you and the server to which you are talking, the attacker can see all the data (encrypted or not) that you are sending to the server.

This particular attack is very disconcerting because they can easily see the data that you expect is 100-percent secure, even your HTTPS dealings with your bank.

In this attack, the attacker takes over the role of a device between you and the system you are talking to. This device could be a router, where the attacker confuses the switch ARP table and has data destined for the router to be sent to her. Then she relays the data to the router.

In this way, the attacker can still deal with the router and the server on the other side of the router, but the attacker sees all the traffic. This setup allows an attacker to capture passwords, even for secure sites, such as banking.

Tools that can conduct this type of attack are freely available. One such tool is Cain & Abel.

Man in the middle is one of the most insidious attacks, because you may not even know it is happening. For this reason, any unsecured network should be considered hostile or even broken.