BuycPanel Blog

Latest news and updates

What is the Man-in-the-Middle Attack?

Posted by Allura on 23 05 2019.

Introduction

A man-in-the-middle (MITM) attack is one in which an attacker intercepts communication between two parties who are supposed to be communicating directly. Both parties are unaware that the attack has occurred. The attack may rely on physical proximity to the victims or on malware that intercepts communications (a man-in-the-browser attack). Financial transactions, secured connections, and other interactions involving a username and password are the usual targets.

Attackers can use many different methods to intercept communications, such as email, session, or IP hijacking, Wi-Fi® eavesdropping, Trojan attacks, DNS spoofing, or HTTP injections.

What Is An MITM Attack?

The process of an MITM attack is easiest to explain with an example. Person A and person B intend to send messages to each other. Person C, on the other hand, wants to intercept their communication and therefore initiates an MITM attack.

Suppose person A and person B want to message each other their bank account numbers for a cash withdrawal. Meanwhile, person C locates a security hole that allows them to intercept both sides of the conversation and become the man in the middle. Whatever A and B discuss is gathered by person C, and that is exactly how a forgery takes place. This whole phenomenon is known as an MITM attack.

MITM Attack Prevention

There are various ways in which users can protect themselves from an MITM attack.

Website Owners

If a person is a server or website owner:

Always check that the website uses secure communication protocols (such as TLS and HTTPS). These protocols protect against spoofing attacks.

Also make sure that website applications use SSL/TLS to secure every page of the website, not only the pages that require authentication. This stops attackers from accessing session cookies on the unsecured portions of the website.
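The check described above, written out as an added example (it is not cPanel or BuycPanel code): it audits a set of page responses for pages still served over plain HTTP and for session cookies set without the `Secure` attribute. The host `shop.example`, the sample responses and the function names are constructed for illustration, and the `Strict-Transport-Security` check goes one step beyond what the text covers.

```python
from urllib.parse import urlsplit

# Constructed sample responses (URL, status, header list); not captured traffic.
SAMPLE_RESPONSES = [
    ("http://shop.example/", 301, [("Location", "https://shop.example/")]),
    ("http://shop.example/catalog", 200, [("Content-Type", "text/html")]),
    ("https://shop.example/login", 200, [
        ("Strict-Transport-Security", "max-age=31536000"),
        ("Set-Cookie", "session=abc123; Path=/; HttpOnly"),
    ]),
    ("https://shop.example/account", 200, [
        ("Strict-Transport-Security", "max-age=31536000"),
        ("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly"),
    ]),
]


def cookie_missing_secure(set_cookie):
    """Return the cookie name if the Set-Cookie value lacks the Secure attribute."""
    name_value, *attrs = set_cookie.split(";")
    flags = {a.strip().split("=", 1)[0].lower() for a in attrs}
    return None if "secure" in flags else name_value.split("=", 1)[0].strip()


def audit(responses):
    """Return (url, finding) pairs for pages that leave traffic or cookies exposed."""
    findings = []
    for url, status, headers in responses:
        scheme = urlsplit(url).scheme
        hdrs = [(k.lower(), v) for k, v in headers]
        if scheme == "http":
            # A plain-HTTP page is acceptable only if it redirects to HTTPS.
            target = next((v for k, v in hdrs if k == "location"), "")
            if not (300 <= status < 400 and target.startswith("https://")):
                findings.append((url, "served over plain HTTP without HTTPS redirect"))
        elif not any(k == "strict-transport-security" for k, _ in hdrs):
            findings.append((url, "missing Strict-Transport-Security header"))
        for k, v in hdrs:
            if k == "set-cookie":
                name = cookie_missing_secure(v)
                if name:
                    findings.append((url, f"cookie '{name}' set without Secure"))
    return findings


if __name__ == "__main__":
    for url, finding in audit(SAMPLE_RESPONSES):
        print(f"{url}: {finding}")
```

A cookie without `Secure` is sent by the browser on any plain-HTTP request to the same host, which is why a single unsecured page is enough to expose a session.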

Individual Users

If a person is an internet user:

Always use up-to-date anti-malware software to protect and maintain the security of online devices. Keeping the operating system and browser up to date is mandatory.

Never use unsecured, untrusted Wi-Fi connections, because attackers can easily scan the available Wi-Fi hotspots for insecure or default passwords and for router configurations that are easily exploitable.

Be extremely cautious when connecting to publicly accessible Wi-Fi routers. When using public Wi-Fi connections, always configure the devices to use a Virtual Private Network (VPN).

Securely configuring home and office Wi-Fi routers and taking adequate precautions for online communications is a necessity.

Check that the websites you access include the https:// protocol in their URLs and have SSL certificates signed by a certificate authority.

Pay attention to browser notifications about unsecured websites, and log out of secure websites immediately after using them.

In cPanel And WHM

Some cPanel and WHM features display warnings about potential MITM attacks, for example cPanel’s Git Version Control interface (cPanel >> Home >> Files >> Git Version Control). Here, a warning is displayed when the system fails to validate an unknown clone URL’s public fingerprint. To learn how to resolve this issue, users can read our Git Version Control documentation.

Conclusion

This review has outlined the essential information on MITM attacks.