10/23/2014

Man-In-The-Middle Attack





Dictionaries define it as a type of attack in which "a user (attacker) is located right in between the sender and the receiver, catching all the information (data) and sniffing it". The attacker intercepts as much traffic as he wishes/needs, gathers the information and sends it on to the original destination... sweet!


What's that smell?

Sniffing: a “packet sniffer” is a utility (smaller in size than an application, but it fulfills certain tasks; an example is Disk Cleanup by Microsoft) that has been in use since the time of Ethernet :P. The “packet sniffing” technique allows attackers to capture the information that is sent through the network. “Packet sniffer” software is used by professionals to diagnose certain network issues… but it is also used by attackers to capture unencrypted data such as login credentials… and once they have the data…

NSA

If you wish to keep your information "safe", you should learn how to use certain encryption protocols and encrypt all the important information that you send through the network… GPG works just fine, and for the telnet users: move to SSH.
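To find out which hosts still need that move from telnet to SSH, a defender can audit a capture of their own network for traffic to cleartext services. The following is an added example, not code from the original post: it parses raw Ethernet/IPv4/TCP frames and totals the unencrypted payload bytes per flow. Classifying by well-known port is an assumption, and the frames, addresses and function names are constructed for illustration.

```python
import struct
from collections import Counter

# TCP ports of common protocols that carry data, logins included, unencrypted.
CLEARTEXT_PORTS = {21: "ftp", 23: "telnet", 80: "http", 110: "pop3", 143: "imap"}

def parse_tcp_frame(frame):
    """Return (src, dst, sport, dport, payload_len) for Ethernet/IPv4/TCP, else None."""
    if len(frame) < 54 or frame[12:14] != b"\x08\x00":
        return None                          # too short, or EtherType is not IPv4
    ihl = (frame[14] & 0x0F) * 4             # IPv4 header length in bytes
    if frame[14] >> 4 != 4 or ihl < 20 or frame[23] != 6 or len(frame) < 34 + ihl:
        return None                          # bad header, not TCP, or truncated
    total_len = struct.unpack("!H", frame[16:18])[0]
    tcp = 14 + ihl                           # offset of the TCP header
    sport, dport = struct.unpack("!HH", frame[tcp:tcp + 4])
    data_off = (frame[tcp + 12] >> 4) * 4    # TCP header length in bytes
    payload_len = total_len - ihl - data_off # from IP length, so padding is ignored
    if data_off < 20 or payload_len < 0:
        return None
    src, dst = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
    return src, dst, sport, dport, payload_len

def audit_cleartext(frames):
    """Sum payload bytes per (client, server, protocol) for cleartext services."""
    seen = Counter()
    for frame in frames:
        parsed = parse_tcp_frame(frame)
        if parsed is None or parsed[4] == 0:  # skip non-TCP and data-less segments
            continue
        src, dst, sport, dport, plen = parsed
        if dport in CLEARTEXT_PORTS:          # client -> server
            seen[(src, dst, CLEARTEXT_PORTS[dport])] += plen
        elif sport in CLEARTEXT_PORTS:        # server -> client
            seen[(dst, src, CLEARTEXT_PORTS[sport])] += plen
    return dict(seen)

def build_frame(src, dst, sport, dport, payload):
    """Constructed Ethernet/IPv4/TCP frame for the demo; checksums are left at zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0)
    return b"\x02" * 12 + b"\x08\x00" + ip + tcp + payload

SAMPLE_FRAMES = [  # constructed traffic: one Telnet flow, one SSH flow, one HTTP response
    build_frame("10.0.0.5", "10.0.0.9", 40000, 23, b"A" * 16),
    build_frame("10.0.0.5", "10.0.0.9", 40001, 22, b"C" * 32),
    build_frame("10.0.0.20", "10.0.0.5", 80, 40002, b"B" * 24),
]
```

Calling `audit_cleartext(SAMPLE_FRAMES)` reports the Telnet and HTTP flows and leaves the SSH flow out; a service moved to a non-standard port would be missed by this port-based check.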


“Y u Attack!”


The iCloud (Apple) users in mainland China are not safe either; in fact the word on the street is that the Chinese government performed the MITM attack a few days ago in order to spy on Apple users in its territory. Great Fire is an NPO that monitors internet censorship in China, and they were the ones who said that the main reason for the MITM attack was to steal login credentials and private information.



“The Others”

There has been a systematic MITM attack against Tor and different sites in the DW (29 weeks now); the purpose is to monitor the traffic down there, and also to steal credentials and data through phishing and other techniques. The following is a short list of cloned sites that have been identified by DW users… Consider that many DW visitors are aware of the tactics used to obtain/steal information; now imagine what happens here, in the clearweb.

 

@feexitmx
www.feexit.mx
rp@feexit.mx
