DEV Community

Febna V M
Febna V M

Posted on

Man-In-The-Middle (MITM) Attack: Types, Techniques And Prevention

Viruses, malware, ransomware, trojans, phishing and a lot more make a never-ending list of cyber threats.

One of the most prevalent cyber threats out there that often gets overlooked is manipulator-in-the-middle (previously referred to as ‘man-in-the-middle’) attack. This cyber-attack questions the integrity and confidentiality of communication between two parties.

Attackers could use the latest MITM attacks and tactics to steal personal or confidential data.

Some of the techniques used to carry out MITM attacks include:

  • Rogue Access Point
  • Address Resolution Protocol (ARP) Spoofing
  • Domain Name System (DNS) Spoofing
  • Email Hijacking
  • Internet Control Message Protocol (ICMP) Redirection
  • Dynamic Host Configuration Protocol (DHCP) Spoofing
  • SSL Stripping

And it is rarely possible to recognize whether a Man-in-the-Middle attack has occurred or not. But, MITM attacks can be avoided by following some best practices.

This blog post covers the types and techniques of manipulator-in-the-middle attacks and offers some suggestions to stay safe from MITM attacks.

Read on to know more.

Top comments (1)

sergeypodgornyy profile image
Sergey Podgornyy

It is almost impossible for an individual to prevent MITM attack. It should be the responsibility of the website owner to prevent it.

As for the technical article, you did not describe really important steps for website operators:

with secure mechanisms

which ones? 🙂

multi-factor authentication

It won't help against MITM attack 🤷‍♂️ It secures accounts, so it is not possible to hack them so easy, but if there is the man in the middle, then he'll get all your authorization steps

you never ask about login data or any other data through emails

Phishing is not MITM

always ensure that your website is free of security threats by regular auditing and testing it

too broad meaning... what do you mean by auditing and testing? Which tools should be used?

I would expect more technical hints in your article 😉 Check out this article to learn how website owners can prevent MITM attacks.