Q

What is a 'man in the middle' attack?

What is a "man in the middle" attack?

What is a "man in the middle" attack?
A "man in the middle" attack (aka "TCP hijacking" or an "eavesdropping" attack) is a well-known method in which an attacker sniffs packets from a network, modifies them and then inserts them back into the network. Simply put, the attacker intercepts network transmissions between two hosts. The attacker then masquerades as one of the hosts, often inserting additional transmissions into the network dialogue.

The "man in the middle" attack is prevalent in wireless networks as well. In this kind of invasion, the attacker may place a rogue access point in a legitimate wireless network, configure the rogue access point with the valid SSID of the victim's wireless network and thus gather sensitive information from authorized users connecting to the wireless network. Some attackers also use a laptop with two wireless network cards, where one...

card acts as an access point and the other wireless card forwards all the connections from the access point card to the legitimate access point. In cryptography the "man in the middle" attack is particularly applicable to the original Diffie-Hellman Key exchange protocol, when used without authentication.

This was first published in September 2005

Dig deeper on Network Protocols and Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close