0

I know how MITM attacks work (theory/videos on the subject etc), but I am a bit confused and not sure what are the worst-case scenarios that can happen.

If I'm using a public VPN and someone is indeed able to force my device to make a connection through theirs, they will be able to see where my connection goes and can use their own DNS to transform the request for their own fishy website. And as far as I got it, there's absolutely nothing I can do about it, am I correct?

Even if there's no MITM attack and my connection is wired, there is an ISP that can do the same, no matter what I do. Is there really nothing I can do about it?

Also, if I am using VPN, the ISP or MITM still will catch that request as everything else and can respond with whatever they want and I won't know a thing.

schroeder
  • 125,553
  • 55
  • 289
  • 326
kingJulian
  • 1
  • "if I am using VPN, they" -- who is "they"? I think the part you are missing is the concept you tagged your question with: "encryption". There's a difference between seeing and routing the traffic, and being able to *read* it. – schroeder Sep 22 '21 at 08:19
  • @schroeder they, the ISP/MITM. If the whole thing is going through them, they can impersonate the service you're looking for. They(MITM/ISP) can send response back to you as they would be the real VPN/service you're looking for. Same as with DNS. – kingJulian Sep 22 '21 at 09:07
  • Ok, how can those watching the traffic impersonate the target when encryption is being used? – schroeder Sep 22 '21 at 09:19

0 Answers0