How to protect against Man in the Middle attacks?

  • 29-01-2013 02:42AM
    #1
    Registered Users, Registered Users 2 Posts: 152 ✭✭


    With certain Android apps you can perform a man in the middle attack against any device connected to the same wifi that phone is (redirect url - so if it was showing www.boards.ie it might actually be on www.somesite.com, replace images, text, inject a script in each webpage they visit). I know it won't have any effect if they visit a webpage that uses https. I know man in the middle attacks aren't anything new, but I can do one on my phone (it's only a Samsung Galaxy Y, so even the lower end phones can do it), so it is easier for people to perform them.
    I'm wondering how can I protect against this on my phone and laptop? I have seen apps like Wifi Protector (https://play.google.com/store/apps/details?id=com.gurkedev.wifiprotector) that supposedly protect against man in the middle attacks. Do they work or are they trying to provide a false sense of security?

    Another app can allow you to stop some/all traffic on the wifi network (you can specify which ones to allow/stop).
    Is there any way to protect against this as well (again for my phone and laptop)?


Comments

  • Registered Users, Registered Users 2 Posts: 1,689 ✭✭✭JimmyCrackCorn


    Set up a VPN service on your home network and use that to encrypt all traffic to your house first.

    That's if you trust your house.


  • Banned (with Prison Access) Posts: 890 ✭✭✭CrinkElite


    As far as I know there is no real way to protect against MITM.

    I was thinking about this recently and the best I could come up with is a device on the network that parses ARP packets and drops ones that exhibit anomalous behaviour (e.g. firing 20 times a second/directly conflicting tables). I imagine this approach would take a lot of trial and error to get right and could possibly cause a high rate of false positives.

    Cisco seem to have adopted this type of thing with their DAI technology but I'm not sure if it's available on their consumer grade products. http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/dynarp.html

    Unless someone is really out to get you, I wouldn't worry about it. :)

    P.S. Moxie Marlinspike's SSLstrip offers a viable attack against SSL when combined with MITM http://www.thoughtcrime.org/software/sslstrip/
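
The ARP-watching idea from the comment above, as an added example that is not part of the original thread: a Python monitor that parses ARP payloads and flags an IP address claimed by a second MAC, and a MAC sending 20 or more replies within one second. The one-second window, the alert strings and the sample addresses are assumptions constructed for the illustration.

```python
import struct
from collections import defaultdict, deque

RATE_LIMIT = 20   # replies per second from one MAC, the figure used in the post
WINDOW = 1.0      # seconds (assumed sliding window)

def parse_arp(payload):
    """Return (opcode, sender_mac, sender_ip) for an Ethernet/IPv4 ARP payload, else None."""
    # Fixed header: htype=1 (Ethernet), ptype=0x0800 (IPv4), hlen=6, plen=4
    if len(payload) < 28 or payload[:6] != b"\x00\x01\x08\x00\x06\x04":
        return None
    op = struct.unpack("!H", payload[6:8])[0]
    return op, payload[8:14].hex(":"), ".".join(map(str, payload[14:18]))

class ArpMonitor:
    def __init__(self):
        self.bindings = {}                 # IP -> first MAC seen claiming it
        self.replies = defaultdict(deque)  # MAC -> timestamps of recent replies

    def observe(self, ts, payload):
        """Return the alerts raised by one ARP payload seen at time ts."""
        parsed = parse_arp(payload)
        if parsed is None:
            return ["malformed"]
        op, mac, ip = parsed
        alerts = []
        known = self.bindings.setdefault(ip, mac)
        if known != mac:  # also fires on a legitimate DHCP re-lease: a false positive
            alerts.append(f"conflict {ip} {known} -> {mac}")
        if op == 2:       # ARP reply
            q = self.replies[mac]
            q.append(ts)
            while ts - q[0] > WINDOW:      # drop timestamps older than the window
                q.popleft()
            if len(q) >= RATE_LIMIT:
                alerts.append(f"flood {mac} {len(q)}")
        return alerts

def make_arp(op, mac, ip):
    # Constructed demo payload: sender fields set, target MAC and IP zeroed
    hw = bytes.fromhex(mac.replace(":", ""))
    return struct.pack("!HHBBH", 1, 0x0800, 6, 4, op) + hw + bytes(map(int, ip.split("."))) + bytes(10)

def demo():
    mon = ArpMonitor()
    gw, other = "aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:02"   # constructed addresses
    out = mon.observe(0.0, make_arp(2, gw, "192.168.1.1"))      # learns the gateway
    out += mon.observe(0.5, make_arp(2, other, "192.168.1.1"))  # second MAC claims it
    for n in range(1, 20):                                      # burst inside one second
        out += mon.observe(1.0 + n * 0.01, make_arp(2, other, "192.168.1.1"))
    return out
```

The conflict check keeps the first binding it sees, so a monitor started after the table is already poisoned learns the wrong MAC; seeding `bindings` from a known-good gateway entry avoids that.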

