A popular attack to carry out without the user even knowing about it Man in the middle attack is most commonly heard in the field of cryptography and it may be abbreviated as MITM.
Other names are also used to refer to this kind of assault and these are the Janus attack and the bucket-brigade attack.
Man in middle attack is one of the many popular types of eavesdropping that exists as of the present times.
Vicious criminals perform this assault by generating a number of unconstrained connections with other individuals and groups of messages will be relayed between the attacker and his or her victims.
This process will then deceive the individuals and they will end up trusting the idea that there is an actual ongoing direct communication via a private connection.
But in reality, the exchange of words among the targets is actually under the control of the attacker himself or herself.
The conversation among the many individuals so as to have the chance to incorporate new messages.
And, in most situations, this occurs without any intricacies in the process.
In simpler terms, the attacker can include himself in the exchange of message as a man-in-the-middle and this may be done when he or she is already found inside the reception range of the Wi-Fi wireless access point, which is not encrypted.
This form of eavesdropping assault will become successful only if the criminal manages to perfectly masquerade as the victims on each of the endpoints so as to convince them.
There are different ways as to how one party may be protected against the MITM assaults.
People should be reminded of the fact that there is the great need to employ authentication procedures to ensure a more protected environment.
The methods are based on the following: stronger mutual authentication like secret keys and passwords, public key infrastructures, and one-time pads.
It is also best to have latency examination, second channel verification, and carry-forward verification.
Attackers often prefer Man in the Middle attacks since it make it easy for the attacker to intercept sensitive and private user data without the user even knowing it.
It can also be in a cafe or other place with public free WiFi that the attacker will setup a fake access point tricking the user to connect.
The user will think they are just getting free WiFi but in reality all traffic goes via the attackers site.
This can easily lead to stolen sensitive data like passwords, medical data, private data.
It is also possible for an attacker in a Man in the Middle attack to inject code into the target traffic. This way Trojans or malware can be installed on the victim system without them knowing it.
Later on the victim with installed Trojans and Malware can be abused in Botnet attacks.