Man – in –the middle attack

Thursday, September 12, 2013


Occurs when someone between you and the person with whome you are communicating is actively monitoring , capturing & controlling your communication transparently.


Man in the middle attacks are like someone assuming your identity in order to read your message the person on the other end might believe it’s you.

In normal mode, the device sends a request (ARP REQUEST) & router reply by(ARP REPLY) on this reply mac address of   the router to construct arp tables.

This is the normal situation, but hackers exploit this technology and they do the following:

1.    Put the NIC in promiscuous status, But in case of promiscuous the NIC will receive all packets path on it, The normal situation make the NIC received only the true packets.

2.    Reply of arprequest by arp reply contain IP of router port.
 

0 comments:

Post a Comment