How to Deal with a Man in the Middle Attack
Understand how to counteract this type of attack.
Step-by-Step Guide
-
Step 1: Understand how to counteract this type of attack.
Since a man-in-the-middle attack (MTM) can succeed only when the attacker can impersonate each endpoint to the satisfaction of the other, the two crucial points in defending against MTM are authentication and encryption.
A number of cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks.
For example, SSL can authenticate one or both parties using a mutually trusted certification authority.
However, SSL is still not supported by many websites yet.
Fortunately, there are three effective ways to defend against a man-in-the-middle attack even without SSL.
These methods are able to encrypt the data traffic between you and the server you are connecting to, and also include some kind of end-point authentication.
Each method is broken down in the following sections.
Detailed Guide
Since a man-in-the-middle attack (MTM) can succeed only when the attacker can impersonate each endpoint to the satisfaction of the other, the two crucial points in defending against MTM are authentication and encryption.
A number of cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks.
For example, SSL can authenticate one or both parties using a mutually trusted certification authority.
However, SSL is still not supported by many websites yet.
Fortunately, there are three effective ways to defend against a man-in-the-middle attack even without SSL.
These methods are able to encrypt the data traffic between you and the server you are connecting to, and also include some kind of end-point authentication.
Each method is broken down in the following sections.
About the Author
Andrea Rodriguez
Specializes in breaking down complex creative arts topics into simple steps.
Rate This Guide
How helpful was this guide? Click to rate: