Man-in-the-Middle Flashcards

1
Q

Man -in- the-middle

A

• How can a bad guy watch
without you knowing?
• Man-in-the-middle

  • Redirects your traffic
    • Then passes it on to the destination
    • You never know your traffic was redirected
  • ARP poisoning
    • ARP has no security
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Man-in-the-browser

A
  • What if the middleman was on the same computer as the victim?
    • The calls are coming from inside the browser!
    • Malware/Trojan does all of the proxy work
  • Huge advantages for the bad guys
    • Relatively easy to proxy encrypted traffic
    • Everything looks normal to the victim
  • The man-in-the-browser waits for you to login to your bank
    • And cleans you out
How well did you know this?
1
Not at all
2
3
4
5
Perfectly