
MITM (Man in the middle) attack - Essay Example


Man in the Middle Attack

A man-in-the-middle (MITM) attack is an attack in which the attacker intrudes into an existing connection with the aim of intercepting the exchanged data and injecting false information. It mainly involves intruding into an existing connection, eavesdropping on it, selectively modifying data, and intercepting messages. Put as a definition, MITM is a type of attack where the intruder inserts himself into the communication between the endpoints of a network in order to inject false information and intercept the data transferred between those endpoints.

Other names for the MITM attack are fire brigade, bucket brigade, monkey-in-the-middle, TCP hijacking, session hijacking, and TCP session hijacking (Bhatia, 2008). A man-in-the-middle attack can succeed only when the attacker is able to impersonate each of the two endpoints to the other's satisfaction. Most cryptographic protocols include some form of authentication that is designed specifically to prevent the MITM attack.

An example of an MITM attack that is successful against public key encryption is as follows. The attacker inserts himself between the nodes of two networks. For example, in a successful attack, if John sends a packet to Alice, the packet first passes through the attacker, Jane, who decides whether to forward it to the recipient Alice with or without modifications; on receiving the packet, Alice thinks that it came from John. The MITM attack is bidirectional, so the same process applies when Alice sends a packet to John (Samah, et al, 2008).

The available techniques for preventing an MITM attack are authentication based on second or secure channel verification; passwords and secret keys, which provide strong and secure authentication; latency examination; one-time pads; and carry-forward verification.

Secret keys are high-information-entropy secrets and hence more secure, while passwords are low-information-entropy secrets, which are less secure (Stewart, 2008). Latency examination uses long calculations of a cryptographic hash function that run into a few seconds: in case both parties involved take twenty seconds, a third party can be indicated when the calculation takes sixty seconds to reach each party. One-time pads are immune to MITM attacks when the trust and security of the one-time pad is assumed.
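The John, Jane and Alice exchange and the second-channel verification listed above can be shown with a small simulation. This is an added example, not part of the original essay; it assumes a toy Diffie-Hellman group (`P`, `G`), and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group chosen for this example (assumption); far too
# small for real use, where a standardized 2048-bit or larger group applies.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private, public) for one party."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    """Derive a symmetric key from our private value and the key we received."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()

def fingerprint(pub):
    """Short digest of a public value, exchanged over the second channel."""
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:16]

def accept_peer_key(received_pub, fp_second_channel):
    """Authentication step: accept the key only if it matches the fingerprint."""
    return hmac.compare_digest(fingerprint(received_pub), fp_second_channel)

def run_exchange(jane_in_path):
    """Simulate one key exchange between John and Alice (hypothetical helper)."""
    john_priv, john_pub = keypair()
    alice_priv, alice_pub = keypair()
    jane_priv, jane_pub = keypair()
    # Public values as they arrive: Jane swaps in her own when she is in the path.
    to_alice = jane_pub if jane_in_path else john_pub
    to_john = jane_pub if jane_in_path else alice_pub
    john_key = session_key(john_priv, to_john)
    alice_key = session_key(alice_priv, to_alice)
    return {
        # Unauthenticated view: both ends hold a key and notice nothing.
        "endpoints_share_key": john_key == alice_key,
        "jane_holds_johns_key": session_key(jane_priv, john_pub) == john_key,
        # Authenticated view: fingerprints arrive over a channel Jane cannot alter.
        "john_accepts": accept_peer_key(to_john, fingerprint(alice_pub)),
        "alice_accepts": accept_peer_key(to_alice, fingerprint(john_pub)),
    }

if __name__ == "__main__":
    print("direct path:", run_exchange(False))
    print("Jane in path:", run_exchange(True))
```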

An existing networking tool that can be used to prevent an MITM attack is the ARP monitoring tool called ARP watch. This tool alerts the user when any unusual ARP communication has occurred (Nachreiner, 2011).

The techniques used to generate an MITM attack are classified according to the type of network environment. On a LAN, there are ARP spoofing, DNS spoofing, IP address spoofing, port stealing, and STP mangling. Through a gateway (from the local to a remote network), there are ARP poisoning, DNS spoofing, DHCP spoofing, gateway spoofing, IRDP spoofing, and ICMP redirection.

On remote networks, there are DNS poisoning, traffic tunneling, and route mangling.

ARP spoofing: In Address Resolution Protocol (ARP) spoofing, also called ARP poisoning or routing, the attacker sniffs LAN data frames and then modifies the packets. The attacker does this by corrupting the ARP caches of directly connected hosts and taking over the victim's IP address. The tools used include ARPoison, a UNIX command-line tool that creates spoofed ARP packets.
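The kind of check an ARP monitor performs against the cache corruption described above can be sketched as follows. This is an added example, not arpwatch's code or log format; the observation lines, addresses and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed ARP reply observations, "time ip mac" (a format made up for this
# example; addresses come from the documentation ranges).
SAMPLE = """\
10:00:01 192.0.2.1  00:00:5e:00:53:01
10:00:02 192.0.2.20 00:00:5e:00:53:20
10:00:05 192.0.2.30 00:00:5e:00:53:30
10:03:10 192.0.2.1  00:00:5E:00:53:30
10:03:11 192.0.2.20 00:00:5e:00:53:30
bad line
10:03:40 192.0.2.1  00:00:5e:00:53:01
"""

def parse(text):
    """Yield (time, ip, mac) from well-formed lines, skipping the rest."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            yield parts[0], parts[1], parts[2].lower()

def find_arp_anomalies(text):
    """Return alerts as (time, kind, subject, detail) tuples."""
    binding = {}                 # ip -> MAC last seen answering for it
    claimed = defaultdict(set)   # mac -> every IP it has answered for
    alerts = []
    for when, ip, mac in parse(text):
        old = binding.get(ip)
        if old is not None and old != mac:
            # A cached IP-to-MAC binding was overwritten: the effect of ARP
            # cache corruption, though DHCP reassignment also causes it.
            alerts.append((when, "mac-changed", ip, f"{old} -> {mac}"))
        if ip not in claimed[mac]:
            claimed[mac].add(ip)
            if len(claimed[mac]) > 1:
                # One station answering for several IPs, e.g. host and gateway.
                alerts.append((when, "mac-claims-many-ips", mac,
                               ",".join(sorted(claimed[mac]))))
        binding[ip] = mac
    return alerts

if __name__ == "__main__":
    for alert in find_arp_anomalies(SAMPLE):
        print(*alert)
```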

Other tools are Ettercap, for hijacking, poisoning, filtering, and SSHv.1 sniffing, and Dsniff, for sniffing and poisoning.

DNS spoofing: The attacker starts by sniffing the ID of any DNS request and replies to the target's request just before the real DNS server does so.

IP address spoofing: The attacker creates IP packets that have a forged source IP address, to conceal the identity of the packet sender or to impersonate another computer system. The tools used are Hping and spoofed IP.

Port stealing: This technique is used to spoof the switch forwarding database (FDB) and then usurp the victim host's switch port for layer-two packet sniffing (Bhatia, 2008: p. 1).

The networking tool that is available in ADIOS Linux for preventing an MITM attack is called Ettercap. Its features include sniffing of live connections and content filtering on the fly, among other tricks. Ettercap supports passive and active dissection of several protocols, including ciphered protocols, and also has other features for host and network analysis.

Ettercap is multipurpose (ADIOS Linux Project, 2010).

The networking tool for generating an MITM attack in ADIOS Linux is called ARPoison. It is a UNIX command-line tool that generates spoofed ARP packets; the program sends a custom ARP REPLY packet. Another tool that can be used to generate an MITM attack is Dsniff. This tool was developed for auditing and penetration testing but can be used for SSL MITM attacks. Its components are "filesnarf", "msgsnarf", "mailsnarf", "webspy", and "urlsnarf".

Ettercap, which is the ADIOS tool for preventing an MITM attack, is demonstrated below.

Figure 1: ADIOS tool for preventing an MITM attack (Source: Ettercap)

List of References

ADIOS Linux Project, 2010. ADIOS 8(NET). [Online] Available at: [Accessed January 13 2012]

Alor & Naga, 2010. Ettercap: 0.7.4-Lazarus Released. Ettercap. [Online] Available at: <http://ettercap.sourceforge.net/> [Accessed January 13 2012]

Bhatia, A., 2008. Man-In-The-Middle Attack. Toolbox [online] (December 8, 2008) Available at: http://it.toolbox.com/wiki/index.php/Man-in-the-Middle_Attack [Accessed January 13 2012]

Samah, A. et al., 2008. Symmetric Encryption. [online] Available at: [Accessed January 13 2012]

Nachreiner, C., 2011. Anatomy of an ARP Poisoning Attack. WatchGuard [online] Available at: [Accessed January 13 2012]

Stewart, J.M., 2008. CompTIA security+ review guide. Hoboken, NJ: John Wiley and Sons

(“MITM (Man in the middle) attack Essay Example | Topics and Well Written Essays - 500 words”, n.d.)
MITM (Man in the middle) attack Essay Example | Topics and Well Written Essays - 500 words. Retrieved from https://studentshare.org/information-technology/1587545-mitm-man-in-the-middle-attack