2. In this type of attack, the attacker attempts to insert himself in the middle of a communication for purposes of intercepting client’s data and could potentially modify them before discarding them or sending them out to the real destination. The attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to Each other over a private connection, when in fact the entire conversation is Controlled by the attacker. Man-in-the-middle attacks
6. Security Breach Example To ensure no prosecution, hackers contacted bank president and gave two options: 2003 group of hackers were "testing" security of various banks and noticed that one was extremely vulnerable Within a couple of hours, they transferred over $10 million dollars from the bank to a private account Due to bank's poor network security, attackers tracks were difficult to find Sign proposal indicating that hacker's were forming a security assessment at bank's request for $5 million dollars and hackers would then return the other $5 million. Bank could prosecute, but attackers would deny everything and notify media on bank's poor security
7. What choice do you think the bank president choose? Bank Manager made a signed aggrement And gave $5 Millions to Hackers on the behalf of security assesment
8.
9.
10.
11. Passive Man in the Middle Attacks Victim browses to a website Attacker views the request and forwards to server Attacker views the response and forwards to victim Server returns a response Other servers are not affected
16. Attack strategy – Spoofing Spoofing is the creation of TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through The Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source. An example from cryptography is the Man in the middle Attack, in which an attacker spoofs Alice into believing the attacker is Bob, and spoofs Bob into believing the attacker is Alice, thus gaining access to all messages in both directions without the trouble of Any cryptanalytic effort.
17.
18. URL spoofing and phishing , Another kind of spoofing is "webpage spoofing” also known as Phishing. In this attack, a legitimate web page such as a bank's site is reproduced in "look and feel" on another server under control of the attacker. The main intent is to fool the users into thinking that they are connected to a trusted site, for instance to harvest usernames and passwords. Referrer spoofing , Some websites, especially pay sites, allow access to their materials only from certain approved (login-) pages. This is enforced by checking the referrer header of the HTTP request.
19. The sender information shown in E-Mails (the "From" field) can be spoofed easily. This technique is commonly used by spammers to hide the origin of their e-mails and leads to problems such as misdirected Bounces. Like attacker send a message to user by changing its ‘From' field and user Think that message is received by an trusted person and he may reply to that Message and our data may be misused. E-mail address spoofing