Protecting Against MITM Attacks

The document outlines methods to protect systems from Man-in-the-Middle (MITM) attacks, detailing various attack techniques such as sniffing, packet injection, session hijacking, and SSL stripping. It recommends preventive measures including strong encryption, secure router credentials, the use of VPNs, enforcing HTTPS, and public key pair authentication. Additionally, it provides a code example using the RSA algorithm to demonstrate encryption and decryption as a defense against MITM attacks.

Implement and show how to protect your system from the MITM attack.

Aim:

To implement and show how to protect our system from the MITM attack.

Procedure:

Man-in-the-middle attacks (MITM) are a common type of cybersecurity
attack that allows attackers to eavesdrop on the communication between
two targets.

Man-in-the-Middle Attack Techniques


Sniffing

Attackers use packet capture tools to inspect packets at a low level. A wireless
device that can be put into monitoring or promiscuous mode lets an attacker see
packets that are not intended for it, such as packets addressed to other hosts.

Packet Injection

An attacker can also leverage their device’s monitoring mode to inject malicious
packets into data communication streams. The packets can blend in with valid data
communication streams, appearing to be part of the communication, but malicious in
nature. Packet injection usually involves first sniffing to determine how and when to
craft and send packets.

Session Hijacking

Most web applications use a login mechanism that generates a temporary session
token to use for future requests to avoid requiring the user to type a password at
every page. An attacker can sniff sensitive traffic to identify the session token for a
user and use it to make requests as the user. The attacker does not need to spoof
once he has a session token.

SSL Stripping

Since using HTTPS is a common safeguard against ARP or DNS spoofing,
attackers use SSL stripping to intercept packets and alter their HTTPS-based
address requests to go to their HTTP equivalent endpoint, forcing the host to make
requests to the server unencrypted. Sensitive information can be leaked in plain
text.

Man-in-the-Middle (MITM) Attack Prevention


Strong WEP/WAP Encryption on Access Points

Having a strong encryption mechanism on wireless access points prevents
unwanted users from joining your network just by being nearby. A weak encryption
mechanism can allow an attacker to brute-force his way into a network and begin
a man-in-the-middle attack. The stronger the encryption implementation, the safer.

Strong Router Login Credentials

It’s essential to make sure your default router login is changed. Not just your Wi-Fi
password, but your router login credentials. If an attacker finds your router login
credentials, they can change your DNS servers to their malicious servers. Or even
worse, infect your router with malicious software.

Virtual Private Network

VPNs can be used to create a secure environment for sensitive information within a
local area network. They use key-based encryption to create a subnet for secure
communication. This way, even if an attacker happens to get on a network that is
shared, he will not be able to decipher the traffic in the VPN.

Force HTTPS

HTTPS can be used to securely communicate over HTTP using public-private key
exchange. This prevents an attacker from having any use of the data he may be
sniffing. Websites should only use HTTPS and not provide HTTP alternatives. Users
can install browser plugins to enforce always using HTTPS on requests.

Public Key Pair Based Authentication

Man-in-the-middle attacks typically involve spoofing something or other. Public
key pair based authentication like RSA can be used in various layers of the stack to
help ensure that the things you are communicating with are actually the things
you want to be communicating with.

Code: (We are using the RSA algorithm to prevent MITM attack)

pip install pycryptodome

from Crypto.Cipher import PKCS1_OAEP
from Crypto.PublicKey import RSA

message = b"Hello World"

# Generate an RSA key pair (1024 bits here; use 2048 bits or more in practice)
private_key = RSA.generate(1024)
public_key = private_key.publickey()

# Encrypt with the public key using OAEP padding
cipher = PKCS1_OAEP.new(key=public_key)
cipher_text = cipher.encrypt(message)
print("encrypted message", cipher_text)

# Decrypt with the matching private key
decrypt = PKCS1_OAEP.new(key=private_key)
decrypted_message = decrypt.decrypt(cipher_text)
print("Decrypted Message", decrypted_message)

Output:

encrypted message b'\x1a\xd6u\xfc\xce\x13x\xfcj\x8a\xb3\x05\xe9\x05\xc1\
xf1e{*\x19K\xd5\xd1\x84\t\x93\xf1A\x9e\xedc^\xb2c\xe3,+\xfb\x82\x95N\x06\
x14`\xfe\x15\x98SMs\x12\x9d\x1d^J\xf7\xb6\xa5\x11\xa9\xb1\xa1\xcd\xcdy\
xe8\xc2\x9b\xd1\xc9f\xe6\xf3\xfe\xe0\xc8X\xa3\xd3\xcc\xe2u\x17\xfa\xeb\
xfbR\xcax\xf1\xcc\xcf\xeesyG\xd4Z\xa5Km\xa1|0\x16\xb0l\xfa\xd9\xb4"N\x16\
x93f\xd6uy\xd7\x1b\x08\xfa\x01\x10\xb6\xe1\x86\''
Decrypted Message b'Hello World'

Note:

Using Colab, Jupyter or IDLE, we can execute the above program.

Result:

Implemented and shown how to protect our system from the MITM attack.
