Man-in-the-Middle Attack (MITM)

Definition - What does Man-in-the-Middle Attack (MITM) mean?

A man-in-the-middle (MITM) attack is a form of eavesdropping where communication between two users is monitored and modified by an unauthorized party. Generally, the attacker actively eavesdrops by intercepting a public key message exchange and retransmits the message while replacing the requested key with his own.

In the process, the two original parties appear to communicate normally. The message sender does not recognize that the receiver is an unknown attacker trying to access or modify the message before retransmitting to the receiver. Thus, the attacker controls the entire communication.

This term is also known as a Janus attack or a fire brigade attack.

Techopedia explains Man-in-the-Middle Attack (MITM)

MITM is named for a ball game where two people play catch while a third person in the middle attempts to intercept the ball. MITM is also known as a fire brigade attack, a term derived from the emergency process of passing water buckets to put out a fire.

In an MITM attack, the attacker intercepts communications between two systems, which is possible when the attacker controls a router along the normal path of traffic. In almost all cases, the attacker is located on the same broadcast domain as the victim. For instance, in an HTTP transaction, a TCP connection exists between client and server. The attacker splits the TCP connection into two connections: one between the victim and the attacker, and the other between the attacker and the server. Having intercepted the TCP connection, the attacker acts as a proxy, reading, altering and inserting data in the intercepted communication. By reading the HTTP header, the intruder can easily capture the session cookie.

In an HTTPS connection, two independent SSL connections are established, one over each TCP connection. An MITM attack takes advantage of a weakness in the network communication protocol to convince the victim to route traffic through the attacker instead of the normal router; this technique is generally referred to as ARP spoofing.
