man-in-the-middle attack

(redirected from Man-in-the-middle)

man-in-the-middle attack

An unauthorized interception of network traffic. The packets are viewed or modified by the perpetrator and sent on to the recipient, who is unaware of the intrusion. A man-in-the-middle attack can be used to intercept an encrypted message exchange and spoof the recipient into thinking the message is intact from a legitimate sender. In such a case, the attackers replace the public key from the original sender with their own public key in order to decrypt the message that will be sent back from the unsuspecting recipient. See replay attack, public key cryptography and ARP cache poisoning.
References in periodicals archive ?
lt;p>Using a specially created app, SSLstrip, a researcher calling himself Moxie Marlinspike demonstrated to Black Hat Arlington, Va attendees, how vulnerable many SSL connections were to an involved but clever man-in-the-middle (MitM) attack where a hacker could proxy traffic from users accessing genuine, secure https:// Web site log-ins.
AirMagnet's unique analytic engine can detect many intrusions missed by other products, including Honeypot APs, the new Queensland University exploit, ASLEAP vulnerabilities, and Man-in-the-Middle attacks.