Phone : +91 9582 90 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Man in the Middle (MitM) attack – What is it and how to stay protected?

Man in the Middle (MitM) attack – What is it and how to stay protected?

  • The first and foremost step in the Man-in-the-Middle (MitM) attack is to intercept internet traffic before it reaches its destination.
  • Once the interception is achieved, the SSL traffic has to be decrypted without the user’s knowledge and without interrupting the application.

Man-in-the-Middle (MitM) is an attack where the attacker eavesdrops on the communication between two parties, commonly between a user and an application, in order to alter or intercept the communication.

The information obtained in the communication will then be used to stealpersonal information, credentials, and financial information.

How does this work?

Attackers perform MitM attacks in two phases – Interception and Decryption.

Interception

The first and foremost step in the Man-in-the-Middle (MitM) attack is to intercept internet traffic before it reaches its destination. Interception is executed by using the following techniques.

  • IP Spoofing
  • ARP Spoofing
  • DNS Spoofing

Decryption

Once the interception is achieved, the SSL traffic has to be decrypted without the user’s knowledge and without interrupting the application. This can be done with the following methods.

  • HTTPS Spoofing
  • SSL Hijacking
  • SSL Stripping
  • SSL Beast

Example of MitM vulnerabilities – UC Browser vulnerable to MitM attacks

Researchers uncovered a feature in UC browser that downloads extra app modules and runs executable codes on users’ devices, thereby violating Google Play Store policies and potentially exposing its users to Man in the Middle (MitM) attacks.

  • UC Browser sends a request to the C&C server to download new plug-ins.
  • In response to the request, the UC browser receives a link to file.
  • Attackers can get hold of the requests from the UC browser since its communication to the C&C server is carried over an unsecured channel.
  • Attackers can then replace the commands with ones containing different addresses.
  • This makes the UC browser download new modules from the malicious server instead of its C&C server.

How to stay protected?

  • It is best to implement the HSTS (HTTP Strict Transport Security) solution that forces browsers and sites to connect through secure HTTPS connections.
  • In order to stay protected, it is best to avoid using public WiFi that is not password protected.
  • It is recommended to ensure that your home and office WiFi is always secure.
  • Experts recommend using a secure Virtual Private Network (VPN).
  • Security researchers recommend using Public key pair based authentication like RSA in order to secure your communication.
  • It is recommended to always ensure that the webpages or websites you visit are running on HTTPS and not the HTTP protocol.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 9582 90 7788 | Support Number : +91-9654016484
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket