Recognize The Man-In-The-Middle (MITM)

Many articles that discuss the techniques ilmuhacking attack man in the middle (mitm), but I have never been explained in detail about what it mitm attack. Mitm attack is a type of attack is extremely dangerous and can happen anywhere, in the website, mobile phone, as well as in the traditional communication tools such as correspondence. Therefore, I think one needs to have a special article that discusses mitm attack irrespective of any technical implementation and

Not Sekedar Sniffing

Many may think that the goal of the attack mitm is to extract confidential data communications, such as sniffing. Sniffing can be called a passive attack, because in the sniffing attacker does not do any action other than monitoring the data through. It is true that the attack mitm, an attacker can find out what is discussed by the two parties to communicate. But actually the biggest strength of mitm not the ability sniffingnya, but on the ability to intercept and change communications mitm attack can be so called as the type of active attack.

Picture below is a scenario that can be done with the attacker attacks mitm.

In the picture shown is the 4 types of attacks can be done with the MITM. Here is an explanation of the types of attacks in a scenario such as the image above.

* Sniffing: Charlie knows all discussion between Alice and Bob.
* Intercepting: Charlie intercept a message from Alice when Alice wanted to close the conversation with "Bob I'm going to sleep, Bye!". This way Bob thinks Alice is communicating with.
* Tampering: Charlie answers change from Bob to Alice bob Paypal account to be charlie.
* Fabricating: Charlie asks the social security number to Bob, when this question was never asked by Alice.

Mitm with how this could be how large the potential damage that can be done Charlie to Alice and Bob.

The attack is the Man-in-The-Middle

Mitm in the attack, an attacker will be in the midst of the communications between two parties. The whole discussion going on between them should be through the first attacker in the middle. Attacker with a lavish do tapping, pencegatan, conversion even forge communication as I have described previously.

Now let us see the example of a MITM in case Alice communicates with Bob. Charlie as the attacker will try to be in the middle between Alice and Bob. In order for Charlie to be successful the people, then Charlie should:

* Masquerade as Bob before Alice
* Masquerade as Alice before Bob

In mitm, suppose Alice are talking with Bob, but that he was talking with Charlie. Bob Similarly, he thinks are talking with Alice, when, in fact that he was talking with Alice. So that people can be in the middle of Charlie can be incognito in the two sides, not only on one side only.

Why Alice and Bob can be trapped and deceived by Charlie? That is because Alice and Bob does not perform authentication before communication. Alice ensure authentication akan Bob spoke with the original, not the fake Bob diperankan by Charlie. As well as authentication, Bob will speak with the original Alice, Alice is not a false diperankan by Charlie.

Importance of Authentication: Who Are You Speaking With?

Authentication is the process to prove the identity of a subject, can the person or machine. The process of proving identity seeorang there are many ways, but all can be grouped in 3 categories:

* What you know: a PIN, password, public key-pair private
* What you have: smart card, key, USB dongle
* What you are: fingerprint, retina

In short the authentication question "Who are you speaking with?". The question is very important note before the two parties to communicate. When the two parties to communicate without prior authentication, they can be stuck talking with the wrong people, namely people who masquerade be talking opponents. If this happens then the consequences can be fatal, one of which is the occurrence of mitm attack.

When two people who already know each other face-to-face talk with directly, then they may not get stuck talking to the misguided and the wrong people. Authentication becomes very important when both parties talk through the media of communication such as long distance telephone or internet. In long-distance communication, we can only hear us talk opponents, so very likely we are talking with the wrong people.

So how to prevent the MITM attack is to perform authentication before communication. Even if authentication is done by one party only, it is sufficient to prevent mitm. Let us see again the example Alice, Bob and Charlie, if the authentication is only done by Bob, while Alice does not. Because of the absence of authentication Alice, then Charlie can masquerade as Alice in front of Bob, but Charlie can not masquerade as Bob in front of Alice. What Charlie can not disguise a Bob? For Alice akan Bob test the authenticity of the authentication, so that masquerade as Bob Charlie uncovered false akan akan and Alice does not want to continue communication.

What's on Your Mind...

My Blog List


guest book

ShoutMix chat widget