Man-in-the-middle Attack

Man-in-the-middle, or MITM for short, works very much like the name sounds. A bad guy sits in the middle of a conversation between two devices, where he can watch exactly what is going on between those systems. He can capture packets, inject his own information, change information, or simply watch what is going on to identify things that might be interesting and that he could use later. What he is really doing is redirecting your traffic: he becomes the endpoint. Instead of sending information to, for instance, your router, you send it to the man in the middle, and the man in the middle then passes it on to the router, in many cases being completely invisible. You never even know this redirection is taking place, so this becomes a pretty major issue.

A simple way to understand a man-in-the-middle attack is through a commonly known game, the cup telephone game. You talk to your best friend through cups and string, but then a man comes along, cuts the string, and puts the cups to his ears. The man is now able to intercept the conversation.

There is one very common way of accomplishing this, called ARP poisoning. ARP, the Address Resolution Protocol used in TCP/IP, has no security associated with it. Machines simply trust that the information they receive in an ARP packet is legitimate.
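Because ARP itself does not verify anything, a defender has to do the checking. The following added example (not code from the original post) parses raw ARP payloads and reports when an IP address starts being claimed by a different MAC address; the names `parse_arp`, `ArpWatch` and `build_arp` and all sample addresses are constructed for illustration.

```python
import struct

def parse_arp(payload: bytes):
    """Parse a 28-byte Ethernet/IPv4 ARP payload (RFC 826 layout)."""
    if len(payload) < 28:
        raise ValueError("short ARP payload")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", payload[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    sha, spa = payload[8:14], payload[14:18]  # sender MAC, sender IP
    return oper, sha.hex(":"), ".".join(str(b) for b in spa)

class ArpWatch:
    """Remembers the first MAC seen for each IP and reports later changes."""
    def __init__(self, pinned=None):
        self.table = dict(pinned or {})  # ip -> mac; pinned entries are trusted

    def observe(self, payload: bytes):
        oper, mac, ip = parse_arp(payload)
        known = self.table.setdefault(ip, mac)
        if known != mac:
            return f"ALERT {ip} moved from {known} to {mac} (op={oper})"
        return None

def build_arp(oper, sender_mac, sender_ip, target_mac, target_ip):
    """Build a constructed sample payload for the demo below."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda a: bytes(int(x) for x in a.split("."))
    return (struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper)
            + mac(sender_mac) + ip(sender_ip) + mac(target_mac) + ip(target_ip))

# Constructed sample traffic (documentation IP range, locally administered MACs).
GATEWAY_IP, GATEWAY_MAC = "192.0.2.1", "02:00:00:00:00:01"
HOST_IP, HOST_MAC = "192.0.2.10", "02:00:00:00:00:10"
OTHER_MAC = "02:00:00:00:00:66"
SAMPLE = [
    build_arp(2, GATEWAY_MAC, GATEWAY_IP, HOST_MAC, HOST_IP),          # genuine reply
    build_arp(1, HOST_MAC, HOST_IP, "00:00:00:00:00:00", GATEWAY_IP),  # request
    build_arp(2, OTHER_MAC, GATEWAY_IP, HOST_MAC, HOST_IP),            # conflicting reply
]

def run(sample=SAMPLE):
    """Feed the sample through a fresh watcher and collect the alerts."""
    watch = ArpWatch()
    return [a for a in map(watch.observe, sample) if a]

if __name__ == "__main__":
    print("\n".join(run()))
```

A changed binding is a signal, not proof: a replaced network card or a reassigned address triggers the same alert, so pinning the known gateway MAC through the `pinned` argument gives the most reliable result.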

ICON Data Centre Limited