MITM

From Hackepedia

MITM stands for Man-In-The-Middle. It's an attack where someone places themselves between Alice and Bob (or receiver and sender). From that point on they usually try to proxy an encrypted connection in order to get at the plaintext of the connection (bastards!).

A MITM attack is usually detected when public keys no longer match. That's why it's important, for example, to cross-check keys when contacting an encrypted service. SSH will give a warning if the key no longer matches. Under no circumstances continue; contact the sysadmin or others to find out why the key changed.
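
The key cross-check described above, as an added example (not part of the original page): it pins a host key from a known_hosts-style line and compares the key a server presents against it. The host names, addresses and key bytes are constructed sample data, and the function names are hypothetical.

```python
import base64
import hashlib
import struct

def make_ed25519_blob(raw32: bytes) -> str:
    """Build a base64 SSH wire-format ed25519 public key (used for constructed samples)."""
    name = b"ssh-ed25519"
    wire = struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw32)) + raw32
    return base64.b64encode(wire).decode()

def fingerprint(b64_blob: str) -> str:
    """SHA256 fingerprint as ssh-keygen -l prints it: unpadded base64 of the digest."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_known_hosts(text: str) -> dict:
    """Map (hostname, keytype) -> base64 key.

    Skips comments, @cert-authority/@revoked marker lines and hashed host
    entries (|1|...). Wildcard host patterns are not expanded here.
    """
    pinned = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith(("#", "@", "|")):
            continue
        hosts, keytype, blob = fields[:3]
        for host in hosts.split(","):
            pinned[(host, keytype)] = blob
    return pinned

def check_host_key(pinned: dict, host: str, keytype: str, presented: str) -> str:
    """Return 'match', 'unknown' (host never pinned) or 'MISMATCH' (key changed)."""
    expected = pinned.get((host, keytype))
    if expected is None:
        return "unknown"
    same = base64.b64decode(expected) == base64.b64decode(presented)
    return "match" if same else "MISMATCH"

if __name__ == "__main__":
    good = make_ed25519_blob(bytes(range(32)))  # constructed: key pinned earlier
    other = make_ed25519_blob(bytes(32))        # constructed: a different key
    pinned = parse_known_hosts(f"bastion.example.test,192.0.2.10 ssh-ed25519 {good}\n")
    for blob in (good, other):
        verdict = check_host_key(pinned, "bastion.example.test", "ssh-ed25519", blob)
        print(verdict, fingerprint(blob))
```

A `MISMATCH` result is the case where the connection should not proceed; the printed fingerprint is what to compare with the sysadmin over a separate channel.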