EDUCBA

What is Man In The Middle Attack?

By Priya Pedamkar


Overview of What is Man In The Middle Attack

A man-in-the-middle attack, also called a bucket brigade attack, occurs when an unauthorized person gains access to a message or data while it is being transferred from sender to receiver or vice versa. For example, suppose user A wants to communicate with B and sends the value 3 to B. An attacker positioned between A and B gets access to the value, changes it to 9, and sends 9 to B. In other words, when an attacker sits between the sender and the receiver and modifies the data transferred between them, it is called a man-in-the-middle attack.

Man In The Middle Attack

When two users are communicating with each other, a third, unknown entity enters the conversation to eavesdrop and obtain data from it. Neither the sender nor the recipient of the communication is aware of this third entity. For example, suppose you are chatting with someone online and a third entity, unknown to both of you, is present in the communication. This third party might chat with each of you individually in such a way that both of you keep thinking the other is sending the messages. Or the third entity can intercept the messages and add new content to them. All of this is done so discreetly that neither user notices.


The following diagrams depict how a MITM happens:

Figure 1 (Original Valid Communication): This is the regular route or the channel through which the communication should take place.

Figure 2 (Invalid MITM Attacked Conversion): The communication is taking place through the altered channel, and the man in the middle has attacked the systems/users.

In simple words, a man-in-the-middle attack is like a person who eavesdrops on a conversation and uses the information for his or her own benefit.

Types of Man in the Middle Attack

Below are the different types of man-in-the-middle attack:

1. Session Hacks

While browsing, we often get notifications about cookies and sessions. These cookies and sessions store our personal information, which might include login IDs and passwords. MITM attackers get hold of these session cookies, and once they have them, all the sensitive data is accessible to them, and data theft follows. Generally, sites have auto-fill forms, ask users to enter and verify passwords, and so on; this is where attackers get people’s data.

2. Email Hacks

MITM attackers intercept messages between two users. The first user sends some sensitive information over the net to the second user, so it works exactly like Figure 2. The attacker sends a masked email to either party, meaning the recipient does not realize it is fake, and the email demands some sensitive information or account details; then the hacking takes place.

3. Wi-Fi Hacks

Generally, this happens when users connect to a free Wi-Fi source, where hackers can easily target them. Free Wi-Fi sources are crucial mediums of connection here, as they offer only a very low level of security. In another Wi-Fi hack, the attackers set up a network very similar to the one the users are currently working on.

Purpose & Motive of Man in the Middle Attack

Man-in-the-middle attackers generally target users who are naïve about network controls, as they are easy targets. But that doesn’t mean complex systems cannot be hacked. The attackers gather information and then use it to act as a normal user. The attack mainly aims to get sensitive information from users, such as account details and bank PINs. This information helps attackers enter the system and use it, or even sell the information. It has been seen many times recently that, due to an attacker, system data has been published online or sensitive data has been leaked.

How does Man In The Middle take place?

There are two main steps by which MITM attackers hack into systems:

1. Interception

The attacker sets up a dummy network that users can use for free. When users enter data, it is first transferred to the attacker’s files and then on to the real location. This is the passive and easiest way of attacking systems.

Attackers might also use one of the following ways:

  • IP Spoofing: All devices have IP addresses. When a user sends data over a network, it is transferred to the receiver’s IP address. But in between, attackers create IP addresses that are very similar to the recipient’s IP address. So, instead of going to the real destination, the data is transferred to the attacker’s IP address.
  • ARP Spoofing: In this, the attacker’s MAC address is attached to the IP address of the user. So data is transferred to the attacker’s IP address as soon as it is sent.
  • DNS Spoofing: DNS stands for Domain Name System. Attackers change the cache records of the browsers. So when the user visits a given site, instead of going to the correct URL/website, the user is sent to a dummy site that the attacker has created.

2. Decryption

  • HTTPS Spoofing: Users generally regard “https” as secure. In this attack, the attacker manually installs a certificate that looks secure and trusted. All the data is then routed through it. Because it looks like a secure site, the browser sends the key to read the data, and the attacker gains access to the information.
  • SSL Beast: The attacker infects the user’s computer with some false cookies, and CBC is compromised, so the data is easily decrypted.
  • SSL hijacking: As mentioned earlier, HTTPS stands for secure. Just before the browser moves from HTTP to HTTPS, it is routed to the attacker’s browser.
  • SSL Stripping: The attacker brings the website’s security down to a level between HTTPS and HTTP, so all the data is available in non-encrypted text format.
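A site operator can check its own exposure to SSL stripping and to the session-cookie theft described under "Session Hacks" by auditing response headers. The following is an added example, not code from the original article: it looks for the standard Strict-Transport-Security (HSTS) header, which the article does not name, and for the Secure flag on cookies. The header sets and the 180-day threshold are constructed for illustration.

```python
# Constructed response headers for two hypothetical sites (not real captures).
WEAK = [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "sessionid=abc123; Path=/"),
]
HARDENED = [
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("Set-Cookie", "sessionid=abc123; Path=/; Secure; HttpOnly"),
]

MIN_HSTS_AGE = 15552000  # 180 days in seconds; threshold chosen for this example


def parse_hsts_max_age(value):
    """Return max-age in seconds from an HSTS header value, or None."""
    for part in value.split(";"):
        name, _, val = part.strip().partition("=")
        if name.lower() == "max-age":
            try:
                return int(val.strip('"'))
            except ValueError:
                return None
    return None


def cookie_attrs(value):
    """Return (cookie_name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].partition("=")[0]
    return name, {p.partition("=")[0].lower() for p in parts[1:] if p}


def audit_headers(headers):
    """Return findings relevant to HTTPS downgrade and cookie interception."""
    findings = []
    hsts = [v for k, v in headers if k.lower() == "strict-transport-security"]
    if not hsts:
        findings.append("no HSTS header: browser may still use plain HTTP")
    else:
        age = parse_hsts_max_age(hsts[0])
        if age is None or age < MIN_HSTS_AGE:
            findings.append(f"HSTS max-age missing or too short: {age}")
    for k, v in headers:
        if k.lower() == "set-cookie":
            name, attrs = cookie_attrs(v)
            if "secure" not in attrs:
                findings.append(f"cookie {name} lacks Secure: sent over HTTP too")
    return findings
```

With HSTS in place, a browser that has already visited the site refuses to fall back to HTTP, and a cookie marked Secure is never sent over an unencrypted connection.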

What to do after Man In The Middle Attack and How to prevent it?

There are certain steps that can be followed to prevent the attack after it has taken place:

  • Check the security levels of the networks you are connected to.
  • Never connect to a free Wi-Fi source unless it is from a known source.
  • Stay alert to potentially fraudulent emails and unknown links, which might lead to other unknown websites.
  • Stay with websites that use the HTTPS protocol; they have more security than HTTP.
  • Use a VPN while on a network so that data is used or transferred securely. All data fetched and saved using a VPN is encrypted.
  • Use anti-malware software that detects and eliminates malware.

Conclusion

While using data on a network, always stay connected to secure sites and avoid clicking on links that lead to unknown sources.
