MITM Attack

Uploaded by

Christian
Copyright
© © All Rights Reserved
Man In The Middle Attack (MITM)
Abdulla Almarri.
Network Defense and Security
COM-450
Professor KATRINA WEICHT
7th February 2023

Contents
Intro MITM
MAC Spoofing
DNS Poisoning
DNS Spoofing
ICMP Redirect
Conclusion

Man-in-the-Middle (MITM) is a type of cyber attack where the attacker
intercepts and manipulates communication between two parties. It is a popular
attack because it can be used to steal sensitive information such as login
credentials, credit card numbers, and other confidential data. In order to prevent
this type of attack, it is important to understand and protect against its various
components, such as MAC spoofing, DNS poisoning, DNS spoofing, and ICMP
redirect. (MITM 2019)

MAC Spoofing is a technique where an attacker changes the Media Access
Control (MAC) address of a device to match that of another device on the
network. This allows the attacker to eavesdrop on the communication between the
two devices and steal sensitive information. To prevent MAC spoofing, network
administrators can use access control lists (ACLs) to only allow communication
from trusted devices. Additionally, implementing strong passwords and enabling
encryption can also help protect against this type of attack. (MAC spoofing 2022)
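
A duplicated MAC address tends to show up on a switch as the same address being learned on different ports within a short time. The following detection sketch is an added example, not part of the original document; the event format, port names, the 60-second window and the function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: (seconds, switch port, source MAC) as a switch's
# MAC-learning log might record them. Not taken from the original document.
SAMPLE_EVENTS = [
    (0,   "Gi0/1", "aa:bb:cc:00:00:01"),
    (5,   "Gi0/2", "aa:bb:cc:00:00:02"),
    (12,  "Gi0/7", "AA-BB-CC-00-00-01"),   # same MAC, different port, 12 s later
    (20,  "Gi0/1", "aa:bb:cc:00:00:01"),   # and back again: flapping
    (900, "Gi0/3", "aa:bb:cc:00:00:02"),   # moved after 895 s: likely a re-plug
]

def normalize_mac(mac):
    """Lower-case, colon-separated form so notation differences do not hide a match."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def find_mac_moves(events, window=60):
    """Return {mac: [(t_prev, port_prev, t_now, port_now), ...]} for every time a
    MAC is learned on a new port within `window` seconds of its last sighting."""
    last_seen = {}
    moves = defaultdict(list)
    for t, port, mac in sorted(events):
        mac = normalize_mac(mac)
        if mac in last_seen:
            prev_t, prev_port = last_seen[mac]
            if port != prev_port and t - prev_t <= window:
                moves[mac].append((prev_t, prev_port, t, port))
        last_seen[mac] = (t, port)
    return dict(moves)

if __name__ == "__main__":
    for mac, hops in find_mac_moves(SAMPLE_EVENTS).items():
        for prev_t, prev_port, t, port in hops:
            print(f"{mac}: {prev_port}@{prev_t}s -> {port}@{t}s")
```

A slow move between ports, such as the second address in the sample, is not reported because it falls outside the window.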

DNS Poisoning is an attack where the attacker alters the Domain Name
System (DNS) records to redirect traffic from legitimate websites to fake ones.
This allows the attacker to steal sensitive information or inject malware into the
victim's device. To prevent DNS poisoning, network administrators can implement
security measures such as DNS Security Extensions (DNSSEC) and configure
their DNS servers to only allow updates from trusted sources. (DNS poisoning,
2021)

DNS Spoofing is a type of MITM attack where the attacker changes the
DNS resolution of a domain name to point to a malicious server. This can allow
the attacker to steal sensitive information or inject malware into the victim's
device. To prevent DNS spoofing, network administrators can implement
DNSSEC and configure their DNS servers to only allow updates from trusted
sources. (Security, 2022)

ICMP Redirect is an attack where an attacker sends an Internet Control
Message Protocol (ICMP) redirect message to a target, instructing it to route its
traffic through a malicious server. This can allow the attacker to steal sensitive
information or inject malware into the victim's device. To prevent ICMP redirect
attacks, network administrators can disable the ability to accept ICMP redirects on
their devices, or filter incoming ICMP redirect messages. (O’Reilly, 2021)
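
On a Linux host, "disable the ability to accept ICMP redirects" corresponds to the `accept_redirects` sysctl keys, which exist per interface as well as under `all` and `default`. The audit below is an added example, not part of the original document; it assumes a Linux system, and the sample input and function names are constructed for illustration.

```python
import re

# Constructed sample in the `key = value` form printed by `sysctl -a` on Linux.
SAMPLE_SYSCTL = """\
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.eth0.accept_redirects = 1
net.ipv4.conf.lo.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
net.ipv6.conf.eth0.accept_redirects = 1
net.ipv4.ip_forward = 0
"""

# Matches the per-interface, "all" and "default" accept_redirects keys.
KEY_RE = re.compile(r"^net\.(ipv4|ipv6)\.conf\.([^.\s]+)\.accept_redirects$")

def audit_redirects(sysctl_text):
    """Return [(key, value)] for every accept_redirects key that is not 0.

    Each entry is checked on its own: on a non-forwarding IPv4 host the
    kernel honours redirects on an interface when either the "all" value or
    the interface's own value is set, so "all = 0" alone is not sufficient.
    """
    findings = []
    for line in sysctl_text.splitlines():
        key, sep, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if sep and KEY_RE.match(key) and value != "0":
            findings.append((key, value))
    return findings

def remediation(findings):
    """Lines suitable for a sysctl configuration file to turn the findings off."""
    return [f"{key} = 0" for key, _ in findings]

if __name__ == "__main__":
    for line in remediation(audit_redirects(SAMPLE_SYSCTL)):
        print(line)
```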

In conclusion, Man-in-the-Middle attacks can have serious consequences
for both individuals and organizations. However, by implementing security
measures such as access control lists, encryption, DNSSEC, and filtering incoming
messages, it is possible to prevent these types of attacks and protect sensitive
information.

References:

What is MITM (man in the middle) attack: Imperva. Learning Center. (2019,
December 29). Retrieved February 7, 2023, from
https://www.imperva.com/learn/application-security/man-in-the-middle-attack-mitm/

Security, P. (2022, May 20). What is DNS spoofing and how can you prevent it?
Panda Security Mediacenter. Retrieved February 7, 2023, from
https://www.pandasecurity.com/en/mediacenter/security/dns-spoofing/

O’Reilly. (2021, January 5). What is ICMP Redirect Attack. Retrieved February 7,
2023, from
https://www.oreilly.com/library/view/windows-server-cookbook/0596007903/ch04s11.html

United States Computer Emergency Readiness Team. (2021, December 7). DNS
Poisoning. Retrieved February 7, 2023, from
https://www.us-cert.gov/ncas/alerts/TA13-088A

GeeksforGeeks. (2022, August 21). What is Mac spoofing attack? GeeksforGeeks.
Retrieved February 7, 2023, from
https://www.geeksforgeeks.org/what-is-mac-spoofing-attack/
