MITM - Man In The Middle
In cryptography and computer security, MITM (man in the middle) describes a situation in which the communication between two subjects (Subject A and Subject B) is secretly relayed, in both directions, by a third subject (Subject C).
To better explain this concept, I present an illustration:
I will not present methods of attack, or how they can be carried out, but we can easily say that MITM is heavily used by several security agencies around the world.
Some of the following methods of defense against MITM attacks can and should be implemented by sysadmins:
- DNSSEC: Domain Name System Security Extensions;
- PKI: Public Key Infrastructure;
- DKIM: DomainKeys Identified Mail;
- SSL pinning;
- Quantum cryptography.
Defending against these attacks is not easy, since it involves not only technical knowledge but, more importantly, the user layer: it is always very difficult to explain to users cryptographic exploit scenarios and the routing of data between one or more points in a network.
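To make the SSL pinning item in the list above concrete, here is an added Python example (not code from the original post) in which Subject A accepts a TLS peer only if its certificate fingerprint is on a pinned list, so a certificate substituted by Subject C is rejected even when it would pass normal CA validation. The function names and the sample byte strings are assumptions made for illustration, and the whole leaf certificate is pinned rather than only its public key, as a simplification.

```python
import base64
import hashlib
import hmac
import socket
import ssl


def fingerprint(der_cert: bytes) -> str:
    """Base64-encoded SHA-256 digest of a DER-encoded certificate."""
    return base64.b64encode(hashlib.sha256(der_cert).digest()).decode()


def pin_matches(der_cert: bytes, pins) -> bool:
    """True only if the presented certificate matches a pinned fingerprint."""
    presented = fingerprint(der_cert)
    # Compare against every pin; an empty pin set fails closed (returns False).
    return any([hmac.compare_digest(presented, pin) for pin in pins])


def pinned_connect(host: str, port: int, pins, timeout: float = 5.0) -> ssl.SSLSocket:
    """Open a TLS connection and drop it unless the leaf certificate is pinned."""
    ctx = ssl.create_default_context()  # CA and hostname validation stay enabled
    raw = socket.create_connection((host, port), timeout=timeout)
    try:
        tls = ctx.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise
    der = tls.getpeercert(binary_form=True)
    if der is None or not pin_matches(der, pins):
        tls.close()
        raise ssl.SSLError("certificate does not match any pinned fingerprint")
    return tls


# Constructed sample data: placeholder bytes standing in for DER certificates.
CERT_B = b"constructed-der-bytes-for-subject-B"
CERT_B_BACKUP = b"constructed-der-bytes-for-subject-B-backup"
CERT_C = b"constructed-der-bytes-for-subject-C"

# Subject A ships with the current pin and a backup pin for key rotation.
PINS = {fingerprint(CERT_B), fingerprint(CERT_B_BACKUP)}


def demo() -> dict:
    """Pin decision for a direct connection, a rotated key, and a relayed one."""
    return {
        "direct_to_B": pin_matches(CERT_B, PINS),
        "B_after_rotation": pin_matches(CERT_B_BACKUP, PINS),
        "relayed_by_C": pin_matches(CERT_C, PINS),
    }
```

Shipping a backup pin matters in practice: without it, a routine certificate renewal on Subject B locks out every pinned client.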
Alongside the MITM concept there are other, similar concepts, with similar approaches but different actors.
I speak of the concept of MITB (man in the browser).
One of the most famous bots that has developed these attacks is the Trojan Spy: W32/ZBOT.