Expert Answer Center > Experts On Demand > View Answer
EMAIL THIS
Experts on Demand
  EXPERTS ON DEMAND HOME     POSE A QUESTION     VIEW ANSWERS     BROWSE BY TOPIC        RSS FEEDS  
What is a "man in the middle" attack? QUESTION POSED ON: 30 AUG 2005
QUESTION ANSWERED BY: Puneet Mehta A "man in the middle" attack (aka "TCP hijacking" or an "eavesdropping" attack) is a well-known method in which an attacker sniffs packets from a network, modifies them and then inserts them back into the network. Simply put, the attacker intercepts network transmissions between two hosts. The attacker then masquerades as one of the hosts, often inserting additional transmissions into the network dialogue.

The "man in the middle" attack is prevalent in wireless networks as well. In this kind of invasion, the attacker may place a rogue access point in a legitimate wireless network, configure the rogue access point with the valid SSID of the victim's wireless network and thus gather sensitive information from authorized users connecting to the wireless network. Some attackers also use a laptop with two wireless network cards, where one card acts as an access point and the other wireless card forwards all the connections from the access point card to the legitimate access point. In cryptography the "man in the middle" attack is particularly applicable to the original Diffie-Hellman Key exchange protocol, when used without authentication.

HomeExperts on DemandIT Expert Webcast SeriesExpert KnowledgebaseSite Index
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts