What is a man-in-the-middle (MITM) attack?
D2 · Threats · CompTIA Security+ SY0-701
A man-in-the-middle (MITM) attack occurs when an attacker secretly intercepts and potentially alters communication between two parties who believe they are communicating directly with each other.
Common MITM techniques: ARP poisoning (redirect LAN traffic), DNS spoofing (fake DNS responses), SSL stripping (downgrade HTTPS to HTTP), evil twin Wi-Fi (rogue access point).
TLS/HTTPS prevents MITM by authenticating the server via certificates. On public Wi-Fi, always use a VPN. Certificate pinning prevents SSL stripping attacks.