On Wed, 8 Jun 2005, Lai Zit Seng wrote:
On Tue, 7 Jun 2005, Scot L. Harris wrote:
The difficulty is in getting a system inserted into such a position. It typically requires physically inserting a system in the path unless the attacker is able to mess with the end systems proxy settings and redirect things that way.
In practice, there are many ways to do this, so it's actually not terribly difficult. E.g. one could subvert the DNS so that the client unwittingly connects to the wrong server.
route injection, address space hijack, arp spoofing (ie masquerding as the gateway or the host) on either ends edge network, etc...
Heh... yes those are many more excellent examples. Also consider if your ISP is the bad guy, or your ISP themselves got hacked... so it becomes even more trivial to do MITM. The important thing to know is that these are not difficult to do, so the question isn't so much how to do MITM attack... it can be done... we have to deal with it :)
Regards,
.lzs -- http://zitseng.com/
Regards
.lzs -- http://zitseng.com/
