AB9IL.net

Wi Fi Man in the Middle Attacks




We would all like to think that the Wi-Fi networks we use are secure and that the promise of secure mobile connectivity is fully realized. The truth is that mobility, security, and convenience each come in measures, and that some measures are greater than others. And some measures are nil. For secure computing in a mobile or portable environment it is essential to observe certain effective precautions, because there are entities seeking to capture and use your sensitive data.

DEFINING THE "MAN IN THE MIDDLE" SCENARIO

A Man In The Middle attack, often abbreviated as MITM, is accomplished by inserting a third party into a two party communication and hiding that fact from the original two participants. The man in the middle then gets access to the data and can secretly alter it for his own purposes.

Imagine Alice and Bob, a century ago, communicating via paper notes. The evil character Dennison is a master counterfeiter with access to their letters while en route. Dennison reads their letters and passes them on unaltered. Then one day Bob offers to buy Alice's valuable collection of antique office furniture. Alice agrees, and requests payment info with a delivery address. Bob sends his banking and delivery information, but Dennison alters it all. Dennison gives Alice the address of his stolen goods dealer, and he transfers all of Bob's money into an offshore account. Dennison sends Bob an authentic-looking note from Alice indicating that all is well and to expect delivery in four more days. Not to happen! Alice and Bob have been duped by an impostor middleman who will have vanished before any suspicion arises.


Or, imagine a secret business transaction between A and B, carried out via a courier trusted by both sides who actually is an agent for a third company, C. The transaction stalls because the courier alters the terms seen by A or B, and makes them unreasonable. Company C comes along and clinches the deal thanks to middleman sabotage. A and B have no idea that their offers were rewritten en route.

Note: There are non-free countries where internet users must have their web browsers set up to use state-controlled security certificates for browsing SSL-encrypted pages! Yes, anyone can read unsecured HTTP traffic, but an entity whose security certificates are installed in one's browser can read HTTPS traffic. If you are in such a place, the authorities can see what you visit on the web. Beware, and it does not matter that you may have nothing to hide: it is not your responsibility to give up information that is no one else's business. The power of search and seizure must always be used for just cause and never arbitrarily.

"MAN IN THE MIDDLE" WiFi VERSION

In wireless networking, the MITM scheme is implemented in a number of ways. One is to operate a rogue access point resembling a legitimate wireless hotspot. Often the real access point is jammed or blocked while the rogue, with the same SSID, is in the clear with a strong signal. Another method is to break a client's connection and lure the client's hardware into reconnecting to the middleman. In this case the middleman has faked the access point MAC address.

Be aware that these attacks are not limited to wireless networks; there have been cases of proxy servers (and even the Tor network) faking security for SSL / HTTPS communications. It means that banking, secure email, and other sensitive connections have been compromised by man in the middle schemes. The intent, again, is to access and use or alter confidential data passed on a network.

COUNTERMEASURES AGAINST "MAN IN THE MIDDLE" ATTACKS

What protections are there against man in the middle attacks on your network? Consider these steps:

  1. Survey the APs operating with your unique SSID. Take down any that are not authorized to be on the air.
  2. Use strong encryption on your network. WPA is much better than WEP.
  3. Use SSL. It will make man in the middle attacks more difficult, and will prevent most attacks.
  4. Double-check SSL certificates before using HTTPS pages. IE and Firefox can do this for you.
  5. Encrypt any documents you don't want to be intercepted or altered.
  6. Using a VPN service is quite effective against man in the middle attacks.
  7. Forget about WEP. WEP is dead. Use WPA encryption.
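
The survey in step 1, together with the spoofed access point MAC case described in the Wi-Fi section, can be automated. The following is an added example, not code from the original page: it parses scan text and flags access points that use your SSID without being in your inventory, known BSSIDs seen on a frequency you never configured, and copies of your SSID offered without WPA/RSN. The SSID, the inventory, and the scan text are constructed; the text mimics the layout of `iw dev wlan0 scan` output.

```python
import re

# Assumed values: our network name and the authorized BSSID -> frequency (MHz).
MY_SSID = "CorpNet"
AUTHORIZED = {"00:11:22:33:44:55": 2437, "00:11:22:33:44:66": 5180}
# Constructed sample, laid out like the output of `iw dev wlan0 scan`.
SAMPLE_SCAN = """\
BSS 00:11:22:33:44:55(on wlan0)
\tfreq: 2437
\tSSID: CorpNet
\tRSN:\t * Version: 1
BSS 00:11:22:33:44:55(on wlan0)
\tfreq: 2462
\tSSID: CorpNet
\tRSN:\t * Version: 1
BSS 02:aa:bb:cc:dd:ee(on wlan0)
\tfreq: 2437
\tSSID: CorpNet
BSS 10:20:30:40:50:60(on wlan0)
\tfreq: 2412
\tSSID: CoffeeShop"""


def parse_scan(text):
    """Return one dict per BSS entry found in the scan text."""
    aps = []
    for line in text.splitlines():
        key, _, value = line.strip().partition(":")
        if (m := re.match(r"BSS ([0-9a-f:]{17})", line, re.I)):
            aps.append(dict(bssid=m.group(1).lower(), ssid="", freq=None, encrypted=False))
        elif aps and key == "SSID":
            aps[-1]["ssid"] = value.strip()
        elif aps and key == "freq":
            aps[-1]["freq"] = int(float(value))
        elif aps and key in ("RSN", "WPA"):
            aps[-1]["encrypted"] = True  # a WPA or WPA2 element is advertised
    return aps


def audit(aps, ssid=MY_SSID, authorized=AUTHORIZED):
    """List (bssid, reason) findings for APs advertising our SSID."""
    findings = []
    for ap in (a for a in aps if a["ssid"] == ssid):
        if ap["bssid"] not in authorized:
            findings.append((ap["bssid"], "unauthorized BSSID on our SSID"))
        elif ap["freq"] != authorized[ap["bssid"]]:
            findings.append((ap["bssid"], "known BSSID on unexpected frequency"))
        if not ap["encrypted"]:
            findings.append((ap["bssid"], "our SSID offered without WPA/RSN"))
    return findings
```

On a real network, pass the captured text of a scan to `parse_scan` in place of `SAMPLE_SCAN` and investigate every entry `audit` returns before taking an access point off the air.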

In conclusion, remember that no communications security system is 100.000% secure. Successful ones require so much effort to break that the information is worthless by the time it is extracted and used. Your best policy is to limit the flow of sensitive information, keep it off the network, and use the strongest possible protection. For more reading about rogue access points and man in the middle attacks, see Rogue Access Points and the University of British Columbia Wifi Network.




©2005 - 2020 AB9IL, All Rights Reserved.