Man-in-the-middle (MITM) attack is a phenomenon by which an attacker obstructs communication between two parties where the communication needs to be direct. In this case, both parties are unaware of the attack that have crop up. Involvement of physical proximity or use of malware to obstruct communications (a man-in-the-browser attack) are a part of this attack. Generally the financial transactions, secured connections, and other interactions involving username and password are attacked.
Also, there can be the use of many different methods for obstructing communications like, email, session, or IP hijacking, Wi-Fi® eavesdropping, Trojan attacks, DNS spoofing, or HTTP injections.
Besides the chances of being attacked, there are ways to prevent it too.
There are various ways by which a user can protect oneself from this MITM attack.
If a person is a server or a website owner,
Never miss to check whether or not, the website uses secure communication protocols (like, TLS and HTTPS). These protocols acts as a protector against spoofing attacks.
Also, one should see to it that website applications make a use of SSL/TLS to secure every page of the website rather than only those pages requiring authentication. This step will stop the attackers from accessing session cookies on those portions of the website which are unsecured.
If a person is a user of internet,
Compulsorily use up-to-date anti-malware software for protecting and maintaining the security of the online devices. Ensuring that the operating system and browser are up to date is mandatory.
Never use unsecure, distrusted Wi-Fi connections because attackers can easily scan the available Wi-Fi hotspots to search these insecure or default passwords, or those router configurations that are easily exploitable.
Maintaining extreme caution while connecting to publicly-accessible Wi-Fi routers is very important. If a user uses public Wi-Fi connections, remember to configure the devices to use a Virtual Private Network (VPN) without fail.
Ensuring secured configuration of the home and office Wi-Fi routers or use of adequate precautions for online communications is a necessity.
Check whether the websites that the users access includes the https:// protocol in their URLs and have certificate authority-signed SSL certificates.
Paying attention to browser notifications about unsecured websites and immediate logging out of secure websites after you using them is compulsory.
Warnings about potential MITM attacks are displayed in some of the cPanel and WHM features, like in cPanel’s Git Version Control interface (cPanel >> Home >> Files >> Git Version Control). Here, warnings are displayed in case the system fails to validate an unknown clone URL’s public fingerprint. To know more on how to resolve this issue, users can read our Git Version Control documentation.
Ways to prevent the MITM attack is outlined in this review.