Posts Tagged ‘man-in-the-middle’

Internet Safety While Traveling – Deeper Dive

Saturday, November 23rd, 2013

A “man in the middle” or MIM attack is not particularly difficult to pull off, and it represents one of the biggest cyber security threats we face when we are traveling – or in fact, any time we consider using an unknown wireless network.

Here’s how it works: it’s rather easy to find software which will monitor or “sniff” network traffic. It’s even easier to set up a wireless network – for example, like many business travelers these days, I carry a portable wireless hub in my purse. If the intent is to trick other people into using it, all that’s left is giving it a name which sounds legit, like “Marriott SecureWifi”. These can even be set up as far as 15 miles away from the wifi area.

As people try to connect to the criminally controlled network, the cybercriminal allows them to do so (using the same password as the real network, or no password at all). Then the cybercriminal becomes the “man in the middle” (MIM). Sample scenario (there’s a more detailed example of a MIM in my book):

1. You ask for the Gmail page in your browser and type in your Gmail password.
2. The MIM intercepts your request and provides you a fake Gmail login page (which looks pixel by pixel exactly like the legitimate one, including “https/gmail” in the browser, which indicates that it is securely linked to the Gmail server).
3. The MIM sends your password to Google.
4. Google assumes it’s talking to you, and opens your Gmail.
5. The MIM passes the Gmail back to you and continues passing requests and information back and forth until your session is done.
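
The setup described above depends on a network name that sounds legitimate, offered with the real password or none at all. As an added example (not from the original post), this sketch checks wifi scan results against a network you have confirmed with the venue and flags look-alikes. The network names, access-point addresses, field names and the 0.5 similarity threshold are all assumptions constructed for illustration.

```python
import re
from difflib import SequenceMatcher

# Assumed allowlist: the name and access-point addresses (BSSIDs) confirmed by
# the venue or your IT team. Every value below is constructed for illustration.
TRUSTED = {"ssid": "Marriott_Guest", "bssids": {"00:11:22:33:44:55"}, "secured": True}

# Constructed scan results, in the shape a wifi scanner might report them.
SCAN = [
    {"ssid": "Marriott_Guest", "bssid": "00:11:22:33:44:55", "secured": True},
    {"ssid": "Marriott SecureWifi", "bssid": "02:aa:bb:cc:dd:01", "secured": True},
    {"ssid": "Marriott_Guest", "bssid": "02:aa:bb:cc:dd:02", "secured": False},
    {"ssid": "CoffeeShop_Free", "bssid": "02:aa:bb:cc:dd:03", "secured": False},
]

def normalize(ssid):
    """Lower-case and drop spaces/punctuation so cosmetic variations compare equal."""
    return re.sub(r"[^a-z0-9]", "", ssid.lower())

def assess(network, trusted=TRUSTED, threshold=0.5):
    """Return warning codes for one scan result; an empty list means no look-alike signs."""
    known_ap = network["bssid"].lower() in trusted["bssids"]
    if known_ap and network["secured"] == trusted["secured"]:
        return []
    cand, real = normalize(network["ssid"]), normalize(trusted["ssid"])
    # Similarity of the two names, 0.0 (unrelated) to 1.0 (identical).
    if SequenceMatcher(None, cand, real).ratio() < threshold:
        return []  # unrelated name: nothing here imitates the trusted network
    warnings = []
    if not known_ap:
        # A secured look-alike is still flagged: the post notes the real password may be reused.
        warnings.append("same-name-unknown-ap" if cand == real else "lookalike-name")
    if trusted["secured"] and not network["secured"]:
        warnings.append("open-clone")  # trusted network needs a password, this one does not
    return warnings

def scan_report(networks, trusted=TRUSTED):
    """Map (ssid, bssid) -> warnings for every network that raised at least one."""
    report = {}
    for net in networks:
        found = assess(net, trusted)
        if found:
            report[(net["ssid"], net["bssid"])] = found
    return report

if __name__ == "__main__":
    for (ssid, bssid), found in scan_report(SCAN).items():
        print(f"{ssid!r} ({bssid}): {', '.join(found)}")
```

An access-point address can be copied, so read an empty result as “no obvious look-alike” rather than as proof that the network is genuine.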


Beware public wifi! And secure your wireless

Sunday, June 3rd, 2012

I always enjoy watching hackers in action. At least, when they are friendly (rather than malicious) and willing to share the details of their tricks. At the Kaseya Connect conference in May, Dana Epp did the following:

a.) set up his own wireless router with a name very similar to the one we had access to for the conference

b.) sucked in at least 20 conference attendees – they believed his router was legitimate

c.) proceeded with a “man in the middle” attack – this is where a person sits between the user and the server they are trying to get to, and watches everything going back and forth: passwords, data, etc.

Of course he didn’t actually steal anyone’s data. But he did put up a screenshot of the logins of the attendees who were using his bogus wireless – a mite bit embarrassing for all but Fuzzy (who is a good sport!). It was obvious how easily Dana – or just about anyone else who was motivated enough – could monitor the data which was being sent and received. And of course, that includes the passwords they use to access their internet dating services, get on their company networks or do their online banking (if the first page of the banking site wasn’t secure).

Two rules for the rest of us: (more…)