SlideShare a Scribd company logo

Unauthorized access, Men in the Middle (MITM)

Download as PPT, PDF
B
Balvinder Singh

The document discusses man-in-the-middle (MITM) attacks, where an attacker intercepts communications between two parties to steal or manipulate data. It outlines different forms of MITM attacks, such as eavesdropping and manipulation, and describes various spoofing techniques used by attackers, including email spoofing and phishing. Additionally, the document provides examples of security breaches and offers advice on how to protect against such attacks.

TechnologyNews & Politics
Related topics:
Network Security
1 of 22
Downloaded 136 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
By: Balvinder Singh & Priya Nain Unauthorized Access: Man-in-the-Middle Attacks (MITM)
In this type of attack, the attacker attempts to insert himself in the middle of a communication for purposes of intercepting client’s data and could potentially modify them before discarding them or sending them out to the real destination. The attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to Each other over a private connection, when in fact the entire conversation is Controlled by the attacker. Man-in-the-middle attacks
Attacker inserting himself in the middle of a communication Server Client Attacker
Name Origin , The name "Man-in-the-Middle" is derived from the basketball scenario where two players intend to pass a ball to each other while one player between them tries to seize it. MITM attacks are sometimes referred to as "bucket brigade attacks" or "fire brigade attacks." MITM attack is also known as: Bucket-brigade attack Fire brigade attack Session hijacking TCP hijacking TCP session hijacking Monkey-in-the-middle attack
Man-in-the-middle attacks take two common forms Eavesdropping , is an attacker simply listens to a set of transmissions to And from different hosts even though the attacker's computer isn't party to the transaction. Many relate this type of attack to a leak, in which sensitive information could be disclosed to a third party without the legitimate users Knowledge. Manipulation, attacks build on the capability of eavesdropping by taking This unauthorized receipt of a data stream and changing its contents to suit a certain purpose of the attacker-perhaps spoofing an IP address, changing a MAC address to emulate another host, or some other type of modification.
Security Breach Example To ensure no prosecution, hackers contacted bank president and gave two options: 2003 group of hackers were "testing" security of various banks and noticed that one was extremely vulnerable Within a couple of hours, they transferred over $10 million dollars from the bank to a private account Due to bank's poor network security, attackers tracks were difficult to find Sign proposal indicating that hacker's were forming a security assessment at bank's request for $5 million dollars and hackers would then return the other $5 million. Bank could prosecute, but attackers would deny everything and notify media on bank's poor security
What choice do you think the bank president choose? Bank Manager made a signed aggrement And gave $5 Millions to Hackers on the behalf of security assesment
Man in the Middle Scenario All laptop users connect to a public network Wireless connection can easily be compromised or impersonated Wired connections might also be compromised Internet
Rules of Thumb – Don’ts … Someone might be listening to the requests Don’t browse sensitive sites Don’t supply sensitive information Someone might be altering the responses Don’t trust any information given on web sites Don’t execute downloaded code
Rules of Thumb – What Can You Do? This leaves us with: Browse Non-Sensitive sites Share personal information only over secure networks Non-sensitive sites Boring Sensitive sites Interesting Internet
Passive Man in the Middle Attacks Victim browses to a website Attacker views the request and forwards to server Attacker views the response and forwards to victim Server returns a response Other servers are not affected
Active Man in the Middle Attack The attacker actively directs the victim to an “interesting” site The IFrame could be invisible Victim browses to a “boring” site Attack transfers the request to the server Attacker adds an IFRAME referencing an “interesting” site Server returns a response Automatic request sent to the interesting server Other servers are not affected My Weather Channel My Bank Site My Bank Site
 
Secure Connections Login Mechanism
Session Fixation Cookie is being saved on victim’s computer Attacker redirects victim to the site of interest Attacker returns a page with a cookie generated by server A while later, victim connects to the site (with the pre-provided cookie) Attacker uses the same cookie to connect to the server Server authenticates attacker as victim Result Now server authenticate attacker as victim/client, now attacker has same privileges as our victim have.
Attack strategy – Spoofing Spoofing  is the creation of TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through The Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source. An example from cryptography is the Man in the middle Attack, in which an attacker spoofs Alice into believing the attacker is Bob, and spoofs Bob into believing the attacker is Alice, thus gaining access to all messages in both directions without the trouble of Any cryptanalytic effort.
E-Mail address Spoofing Types of Spoofing URL Spoofing and Phishing Referrer Spoofing
URL spoofing and phishing , Another kind of spoofing is "webpage spoofing” also known as Phishing. In this attack, a legitimate web page such as a bank's site is reproduced in "look and feel" on another server under control of the attacker. The main intent is to fool the users into thinking that they are connected to a trusted site, for instance to harvest usernames and passwords. Referrer spoofing , Some websites, especially pay sites, allow access to their materials only from certain approved (login-) pages. This is enforced by checking the referrer header of the HTTP request.
The sender information shown in E-Mails (the "From" field) can be spoofed easily. This technique is commonly used by spammers to hide the origin of their e-mails and leads to problems such as misdirected Bounces. Like attacker send a message to user by changing its ‘From' field and user Think that message is received by an trusted person and he may reply to that Message and our data may be misused. E-mail address spoofing
Defending against Spoofing Spoofing is difficult to defend against due to the attacks being mostly passive by nature. What you get is a webpage that is different than what you are expecting. In very targeted attacks it is very possible that you may never know that attackers have been entered into your system By using virtual proxy generator By using login mechanism
?
Thank You

More Related Content

PPTX
Man in the middle
AhmadThaqifAimanAhma
 
PPT
SSL MITM Attack Over Wireless
SecurityTube.Net
 
PPTX
Man in-the-middle attack(http)
Togis UAB Ltd
 
PPTX
Man in-the-middle attack(http)
Togis UAB Ltd
 
PPTX
Man in the middle attack (mitm)
Hemal Joshi
 
PPTX
Man in The Middle Attack
Deepak Upadhyay
 
PPTX
Man In The Middle - Hacking Illustrated
InfoSec Institute
 
PPTX
Web spoofing hacking
jignesh khunt
 
Man in the middle
AhmadThaqifAimanAhma
 
SSL MITM Attack Over Wireless
SecurityTube.Net
 
Man in-the-middle attack(http)
Togis UAB Ltd
 
Man in-the-middle attack(http)
Togis UAB Ltd
 
Man in the middle attack (mitm)
Hemal Joshi
 
Man in The Middle Attack
Deepak Upadhyay
 
Man In The Middle - Hacking Illustrated
InfoSec Institute
 
Web spoofing hacking
jignesh khunt
 

What's hot (17)

PDF
Module 10 (session hijacking)
Wail Hassan
 
PDF
Avoiding Man in the Middle Attack Based on ARP Spoofing in the LAN
Editor IJCATR
 
PPT
Module 6 Session Hijacking
leminhvuong
 
PDF
Enhancement in network security with security
eSAT Publishing House
 
PDF
Enhancement in network security with security protocols
eSAT Journals
 
PDF
Types of Cryptosystem and Cryptographic Attack
Mona Rajput
 
PPT
IS Security Presentation
Renjith K P
 
PPTX
Session Hijacking ppt
Harsh Kevadia
 
PPT
Web spoofing
kondalarao7
 
PDF
Authentication in Smart Grid
Sherif Abdelfattah
 
PPT
ip spoofing
vipin soni
 
PPTX
Session Hijacking
n|u - The Open Security Community
 
PPTX
network attacks
MuskanSony
 
PPTX
Spoofing attack: Learn about Email spoofing, IP address spoofing and many other
Pankaj Dubey
 
PDF
Session hijacking by rahul tyagi
amansyal
 
DOCX
Breaking ssl
Vinayak Raghuvamshi
 
PDF
Mattias eriksson
Hai Nguyen
 
Module 10 (session hijacking)
Wail Hassan
 
Avoiding Man in the Middle Attack Based on ARP Spoofing in the LAN
Editor IJCATR
 
Module 6 Session Hijacking
leminhvuong
 
Enhancement in network security with security
eSAT Publishing House
 
Enhancement in network security with security protocols
eSAT Journals
 
Types of Cryptosystem and Cryptographic Attack
Mona Rajput
 
IS Security Presentation
Renjith K P
 
Session Hijacking ppt
Harsh Kevadia
 
Web spoofing
kondalarao7
 
Authentication in Smart Grid
Sherif Abdelfattah
 
ip spoofing
vipin soni
 
Session Hijacking
n|u - The Open Security Community
 
network attacks
MuskanSony
 
Spoofing attack: Learn about Email spoofing, IP address spoofing and many other
Pankaj Dubey
 
Session hijacking by rahul tyagi
amansyal
 
Breaking ssl
Vinayak Raghuvamshi
 
Mattias eriksson
Hai Nguyen
 
Ad

Viewers also liked (20)

PPTX
Al Live: Filtering: The Man in the Middle
ALATechSource
 
PDF
Man in the Middle? - Nein, danke!
Daniel Schneller
 
PDF
Man in the Middle? - No, thank you!
Daniel Schneller
 
PDF
Sem 004
SelectedPresentations
 
PDF
Attack modeling vs threat modelling
Invisibits
 
PPTX
Content Type Attack Dark Hole in the Secure Environment by Raman Gupta
ClubHack
 
PPTX
Lan internetworking devices
QAU ISLAMABAD,PAKISTAN
 
PPT
Troubleshooting basic networks
Arnold Derrick Kinney
 
PPTX
Types of VPN
NetProtocol Xpert
 
PPTX
Vulnerability Assessment
primeteacher32
 
PPTX
Network sniffers & injection tools
vishalgohel12195
 
PPT
Computer Networking: Subnetting and IP Addressing
Bisrat Girma
 
PPT
Basic Network Concepts
Abhishek Singh
 
PPTX
Sql injection
Zidh
 
PDF
Hoover.2016 Texas Bankers CFO Conference
Terry Hoover CPA, CGMA, CIA
 
PPTX
Http Vs Https .
simplyharshad
 
PDF
IP Addressing and Subnetting
cbtvid
 
PPT
CCNA Advanced Routing Protocols
Dsunte Wilson
 
PPTX
VPN, Its Types,VPN Protocols,Configuration and Benefits
qaisar17
 
PPT
CCNA Routing Protocols
Dsunte Wilson
 
Al Live: Filtering: The Man in the Middle
ALATechSource
 
Man in the Middle? - Nein, danke!
Daniel Schneller
 
Man in the Middle? - No, thank you!
Daniel Schneller
 
Sem 004
SelectedPresentations
 
Attack modeling vs threat modelling
Invisibits
 
Content Type Attack Dark Hole in the Secure Environment by Raman Gupta
ClubHack
 
Lan internetworking devices
QAU ISLAMABAD,PAKISTAN
 
Troubleshooting basic networks
Arnold Derrick Kinney
 
Types of VPN
NetProtocol Xpert
 
Vulnerability Assessment
primeteacher32
 
Network sniffers & injection tools
vishalgohel12195
 
Computer Networking: Subnetting and IP Addressing
Bisrat Girma
 
Basic Network Concepts
Abhishek Singh
 
Sql injection
Zidh
 
Hoover.2016 Texas Bankers CFO Conference
Terry Hoover CPA, CGMA, CIA
 
Http Vs Https .
simplyharshad
 
IP Addressing and Subnetting
cbtvid
 
CCNA Advanced Routing Protocols
Dsunte Wilson
 
VPN, Its Types,VPN Protocols,Configuration and Benefits
qaisar17
 
CCNA Routing Protocols
Dsunte Wilson
 
Ad

Similar to Unauthorized access, Men in the Middle (MITM) (20)

DOCX
Network Security
GiftifyGiftify
 
PPT
Web spoofing (1)
Khushboo Taneja
 
PPTX
Different types of attacks in internet
Rohan Bharadwaj
 
PPTX
Computer hacking
Arjun Tomar
 
PPTX
Man in the middle attack .pptx
PradeepKumar728006
 
PPTX
Access Controls Attacks
Hafiza Abas
 
PPTX
Webspoofing
jaimin_m_raval
 
PPTX
Using OTP prevent Phishing attacks
riteshsarode1995
 
PPTX
Introduction_of_Cyberthreated_Presentation.pptx
ernilyndelossantos
 
PPS
Amazon & E Bay
Sabyasachi Dasgupta
 
PPSX
Shiv seminar final
Shivarajkumar Badiger
 
PPTX
Advance Web Vulnerabilities Chapter 3 to 5
arjayVicencio
 
PPT
Phishing: Swiming with the sharks
Nalneesh Gaur
 
PPTX
PPT on Phishing
Pankaj Yadav
 
PPT
Spoofing
Sanjeev
 
PDF
Phishing: Analysis and Countermeasures
IRJET Journal
 
PPTX
PPT FOR CYBER SECURITY AND FORENSICS MICRO PROJECT
UrveshPrajapati11
 
PDF
Ch 1 intro to cyber crime and cyber security.pdf
jpsarwade
 
PDF
Ransomware
Prachi Gulihar
 
PPT
Exploring And Investigating New Dimensions In Phishing
Muhammad Haroon CISM PCI QSA ISMS LA CPTS CEH
 
Network Security
GiftifyGiftify
 
Web spoofing (1)
Khushboo Taneja
 
Different types of attacks in internet
Rohan Bharadwaj
 
Computer hacking
Arjun Tomar
 
Man in the middle attack .pptx
PradeepKumar728006
 
Access Controls Attacks
Hafiza Abas
 
Webspoofing
jaimin_m_raval
 
Using OTP prevent Phishing attacks
riteshsarode1995
 
Introduction_of_Cyberthreated_Presentation.pptx
ernilyndelossantos
 
Amazon & E Bay
Sabyasachi Dasgupta
 
Shiv seminar final
Shivarajkumar Badiger
 
Advance Web Vulnerabilities Chapter 3 to 5
arjayVicencio
 
Phishing: Swiming with the sharks
Nalneesh Gaur
 
PPT on Phishing
Pankaj Yadav
 
Spoofing
Sanjeev
 
Phishing: Analysis and Countermeasures
IRJET Journal
 
PPT FOR CYBER SECURITY AND FORENSICS MICRO PROJECT
UrveshPrajapati11
 
Ch 1 intro to cyber crime and cyber security.pdf
jpsarwade
 
Ransomware
Prachi Gulihar
 
Exploring And Investigating New Dimensions In Phishing
Muhammad Haroon CISM PCI QSA ISMS LA CPTS CEH
 

Recently uploaded (20)

PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PPTX
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
PPT
What is a Computer? Input Devices /output devices
GulJan8
 
PDF
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
2021 HotChips TSMC Packaging Technologies for Chiplets and 3D_0819 publish_pu...
KeXue5
 
PPTX
The various Industrial Revolutions .pptx
bandileshozi3
 
PDF
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
PDF
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
PDF
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
PDF
Hybrid model detection and classification of lung cancer
IAESIJAI
 
PPTX
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
PPTX
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
PDF
August Patch Tuesday
Ivanti
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
Modernising the Digital Integration Hub
Daniel Toomey
 
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
What is a Computer? Input Devices /output devices
GulJan8
 
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
2021 HotChips TSMC Packaging Technologies for Chiplets and 3D_0819 publish_pu...
KeXue5
 
The various Industrial Revolutions .pptx
bandileshozi3
 
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
Hybrid model detection and classification of lung cancer
IAESIJAI
 
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
August Patch Tuesday
Ivanti
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 

Unauthorized access, Men in the Middle (MITM)

  • 1. By: Balvinder Singh & Priya Nain Unauthorized Access: Man-in-the-Middle Attacks (MITM)
  • 2. In this type of attack, the attacker attempts to insert himself in the middle of a communication for purposes of intercepting client’s data and could potentially modify them before discarding them or sending them out to the real destination. The attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to Each other over a private connection, when in fact the entire conversation is Controlled by the attacker. Man-in-the-middle attacks
  • 3. Attacker inserting himself in the middle of a communication Server Client Attacker
  • 4. Name Origin , The name "Man-in-the-Middle" is derived from the basketball scenario where two players intend to pass a ball to each other while one player between them tries to seize it. MITM attacks are sometimes referred to as "bucket brigade attacks" or "fire brigade attacks." MITM attack is also known as: Bucket-brigade attack Fire brigade attack Session hijacking TCP hijacking TCP session hijacking Monkey-in-the-middle attack
  • 5. Man-in-the-middle attacks take two common forms Eavesdropping , is an attacker simply listens to a set of transmissions to And from different hosts even though the attacker's computer isn't party to the transaction. Many relate this type of attack to a leak, in which sensitive information could be disclosed to a third party without the legitimate users Knowledge. Manipulation, attacks build on the capability of eavesdropping by taking This unauthorized receipt of a data stream and changing its contents to suit a certain purpose of the attacker-perhaps spoofing an IP address, changing a MAC address to emulate another host, or some other type of modification.
  • 6. Security Breach Example To ensure no prosecution, hackers contacted bank president and gave two options: 2003 group of hackers were "testing" security of various banks and noticed that one was extremely vulnerable Within a couple of hours, they transferred over $10 million dollars from the bank to a private account Due to bank's poor network security, attackers tracks were difficult to find Sign proposal indicating that hacker's were forming a security assessment at bank's request for $5 million dollars and hackers would then return the other $5 million. Bank could prosecute, but attackers would deny everything and notify media on bank's poor security
  • 7. What choice do you think the bank president choose? Bank Manager made a signed aggrement And gave $5 Millions to Hackers on the behalf of security assesment
  • 8. Man in the Middle Scenario All laptop users connect to a public network Wireless connection can easily be compromised or impersonated Wired connections might also be compromised Internet
  • 9. Rules of Thumb – Don’ts … Someone might be listening to the requests Don’t browse sensitive sites Don’t supply sensitive information Someone might be altering the responses Don’t trust any information given on web sites Don’t execute downloaded code
  • 10. Rules of Thumb – What Can You Do? This leaves us with: Browse Non-Sensitive sites Share personal information only over secure networks Non-sensitive sites Boring Sensitive sites Interesting Internet
  • 11. Passive Man in the Middle Attacks Victim browses to a website Attacker views the request and forwards to server Attacker views the response and forwards to victim Server returns a response Other servers are not affected
  • 12. Active Man in the Middle Attack The attacker actively directs the victim to an “interesting” site The IFrame could be invisible Victim browses to a “boring” site Attack transfers the request to the server Attacker adds an IFRAME referencing an “interesting” site Server returns a response Automatic request sent to the interesting server Other servers are not affected My Weather Channel My Bank Site My Bank Site
  • 13.  
  • 15. Session Fixation Cookie is being saved on victim’s computer Attacker redirects victim to the site of interest Attacker returns a page with a cookie generated by server A while later, victim connects to the site (with the pre-provided cookie) Attacker uses the same cookie to connect to the server Server authenticates attacker as victim Result Now server authenticate attacker as victim/client, now attacker has same privileges as our victim have.
  • 16. Attack strategy – Spoofing Spoofing  is the creation of TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through The Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source. An example from cryptography is the Man in the middle Attack, in which an attacker spoofs Alice into believing the attacker is Bob, and spoofs Bob into believing the attacker is Alice, thus gaining access to all messages in both directions without the trouble of Any cryptanalytic effort.
  • 17. E-Mail address Spoofing Types of Spoofing URL Spoofing and Phishing Referrer Spoofing
  • 18. URL spoofing and phishing , Another kind of spoofing is "webpage spoofing” also known as Phishing. In this attack, a legitimate web page such as a bank's site is reproduced in "look and feel" on another server under control of the attacker. The main intent is to fool the users into thinking that they are connected to a trusted site, for instance to harvest usernames and passwords. Referrer spoofing , Some websites, especially pay sites, allow access to their materials only from certain approved (login-) pages. This is enforced by checking the referrer header of the HTTP request.
  • 19. The sender information shown in E-Mails (the "From" field) can be spoofed easily. This technique is commonly used by spammers to hide the origin of their e-mails and leads to problems such as misdirected Bounces. Like attacker send a message to user by changing its ‘From' field and user Think that message is received by an trusted person and he may reply to that Message and our data may be misused. E-mail address spoofing
  • 20. Defending against Spoofing Spoofing is difficult to defend against due to the attacks being mostly passive by nature. What you get is a webpage that is different than what you are expecting. In very targeted attacks it is very possible that you may never know that attackers have been entered into your system By using virtual proxy generator By using login mechanism
  • 21. ?