Man-In-The-Middle Attacks
With technological advancements, new and numerous attacks keep emerging; an excellent example is the man-in-the-middle attack. This is an attack where a hacker secretly relays and alters the communication between two parties who believe they are communicating directly with each other. The intruder gains useful information and data that compromises the operation of the two parties (Meyer, & Wetzel, 2004). There are several types of man-in-the-middle attacks, including:
- MAC spoofing
- DNS poisoning
- DNS spoofing
- ICMP redirect
This paper reviews these attacks and the various methods that can be used to prevent and mitigate them.
MAC Spoofing
MAC spoofing is an example of a man-in-the-middle attack. In this attack, an intruder sniffs a network for a valid MAC address and then attempts to impersonate that address. The intruders then present themselves as the default gateway and replicate all information sent to the default gateway without detection. In other words, the intruder falsifies their identity and gains data from various users (An, & Kim 2013).
Methods of Prevention
- Installation of firewalls on the network setup – this helps prevent intruders from entering the system.
- Deployment of authentication techniques – any network should have authentication procedures such as the setting of passwords. This helps keep intruders out of the system.
- Using spoof detection measures – these tools are designed to detect any form of spoofing that may occur in a network.
DNS Spoofing
This is referred to as a Domain Name System attack; this is where an attacker tampers with a list of public IP addresses. In this type of attack, a hacker exploits various operating system vulnerabilities in the domain name server to divert or redirect online traffic to a fraudulent site that resembles the intended website. Once users are on the site, they are prompted to create some form of account and enter their personal information, and the intruder takes the chance to steal that data. Additionally, the site may contain worms and viruses that download automatically onto a user's computer when the user clicks a specific link. Thus, DNS spoofing is a severe cyberattack (Ornaghi & Valleri, 2003).
Methods of Prevention
- Installation of a firewall – this prevents an intruder from accessing the system.
- The use of Virtual Private Networks (VPN) – this is the process where users use their private network to access the various sites. Through this, an intruder cannot gain access to the private internet connection.
- Spoofing detection tools – these are tools that automatically detect spoofing occurrences and stop them before they occur.
- Websites can also encrypt their data to prevent intruders from being able to access vital information and create replicas of the sites.
- Authentication procedures will also go a long way in ensuring the security of the network setup.
DNS poisoning
DNS poisoning can also be referred to as DNS spoofing; this is a type of attack that involves the exploitation of various vulnerabilities in a DNS. This attack mainly leads to the redirection of users from the legitimate website to fake sites. Unlike spoofing, DNS poisoning is considered to be very dangerous because it can spread and be transferred from one DNS server to another (Duan et al., 2012).
Methods of Prevention
- Managing DNS servers securely – an institution has to decide whether to host the DNS servers themselves or host them through a server hosting provider.
- Make various DNS server configurations in a bid to protect the servers.
- Keeping your servers private and secure
- Installation of firewalls
ICMP redirect
ICMP redirect is a feature of IP that lets a router inform hosts that a more efficient path to a destination exists and that the host should change its routing table accordingly.
Methods of Prevention
- Drop all ICMP traffic
- Setting the ignore redirects property for packets and verification of their current value
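The ignore-redirects check from the list above, as an added example that is not part of the original paper. It assumes a Linux host, where the setting is exposed through the accept_redirects and secure_redirects sysctl keys (0 means redirects are ignored), and it runs on a constructed sample of `sysctl -a` output.

```shell
#!/bin/sh
# Added example: verify that a host ignores ICMP redirects.
# Assumption: Linux, where the property is exposed as the sysctl keys
# net.ipv{4,6}.conf.<iface>.accept_redirects and
# net.ipv4.conf.<iface>.secure_redirects.

# Reads "key = value" lines (the format printed by `sysctl -a`) on stdin.
# Prints every redirect key whose value is not 0 and returns 1 if any
# such key was found, 0 if the host ignores redirects everywhere.
audit_redirects() {
    awk -F' *= *' '
        $1 ~ /^net\.ipv[46]\.conf\.[^.]+\.(accept|secure)_redirects$/ && $2 != "0" {
            print $1 " = " $2
            bad = 1
        }
        END { exit bad ? 1 : 0 }
    '
}

# Constructed sample input (not captured from a real machine).
sample_sysctl() {
    cat <<'EOF'
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.eth0.accept_redirects = 1
net.ipv4.conf.all.secure_redirects = 1
net.ipv6.conf.all.accept_redirects = 0
net.ipv4.ip_forward = 1
EOF
}

# Demo on the sample. On a real host, feed it live values instead:
#   sysctl -a 2>/dev/null | audit_redirects
# and correct each reported key with `sysctl -w <key>=0`, persisting the
# value in /etc/sysctl.conf or a file under /etc/sysctl.d/.
if sample_sysctl | audit_redirects; then
    echo "OK: ICMP redirects are ignored on every interface"
else
    echo "FAIL: the keys listed above still accept ICMP redirects"
fi
```

A new interface takes its starting value from the `default` entry, so that key needs correcting as well as `all` and the per-interface entries.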
References
An, G., & Kim, S. (2013). MAC Spoofing Attack Detection based on EVM in 802.11 WLAN. In The Seventh International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies (pp. 163-167).
Duan, H., Weaver, N., Zhao, Z., Hu, M., Liang, J., Jiang, J., … & Paxson, V. (2012, March). Hold-on: Protecting against on-path DNS poisoning. In Proc. Workshop on Securing and Trusting Internet Names, SATIN.
Meyer, U., & Wetzel, S. (2004). A man-in-the-middle attack on UMTS. In Proceedings of the 3rd ACM workshop on Wireless security (pp. 90-97).
Ornaghi, A., & Valleri, M. (2003). Man in the middle attacks. In Blackhat Conference Europe (Vol. 1045).