We use to play a game where two people throw the ball to each other while the third person in the middle will have to intercept the ball then he changes the position with the person from whom he has intercepted the ball.
In the cyberworld, the game of keep-away gets a new twist; the two players have no idea the man in the middle (MITM) exists. It works like this:
- Computer A initiates conversation with Computer B
- Computer C intercepts that attempt and then relays the request to Computer B
- Computer B responds, Computer C intercepts it, and returns that response to Computer A.
The process in which computer C does the task of intercepting the communication is through a process known as ARP poisoning - Address Resolution Protocol poisoning. It uses an approach called pick me up approach. When Computer A tries to communicate with B, ARP sends out a broadcast to the network devices asking 'who is B?'. But there is no authentication built into ARP and thus ARP has no way of determining whether the response (pick me) is really B or not. Computer C can tell ARP it is Computer B, after which ARP will begin directing future requests for Computer B to the MITM Computer C. Since there is no authentication it can really redirect all the communications to different recipient.
Another method that this can happen is DNS poisoning where, when it has vulnerabilities, DNS server redirects a page that has been requested to another site that has the full control by the hacker. For example we may try to request for a page that is a bank site but DNS poisoning may lead to a different look alike site and we may enter the details into it which the hacker may misuse easily.
Another method of man in the middle redirection will be because of Hosts file manipulation. Every Windows-based computer has a local Hosts file which, like DNS, resolves IP address to domain names. However, entries in the local Hosts file typically override DNS and the Hosts file is generally more accessible to attackers - thus malicious Hosts file manipulation is common.
The best way to prevent from being the victim of a middle man is to be having good Internet Security program with latest updates. Checking the security settings and keeping them to the optimum level, firewall should be turned on, Security updates has to be done in time. And updates of browser has to be done as and when available.
1 comments:
replica bags from china free shipping my sources q6l86p4h74 replica bags china learn the facts here now b5d82w4y07 replica wallets replica bags wholesale in divisoria try this website n3i88m3f88 best replica designer replica bags vancouver
Post a Comment