How to Deal with a Man in the Middle Attack

The terminology man-in-the-middle attack (MTM) in internet security, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. For example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle. You'll come to terms with what this attack involves and how to deal with it by reading through this article.

Steps

  1. Image titled Deal with a Man in the Middle Attack Step 1
    1
    Understand how to counteract this type of attack. Since a man-in-the-middle attack (MTM) can succeed only when the attacker can impersonate each endpoint to the satisfaction of the other, the two crucial points in defending against MTM are authentication and encryption. A number of cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks. For example, SSL can authenticate one or both parties using a mutually trusted certification authority. However, SSL is still not supported by many websites yet. Fortunately, there are three effective ways to defend against a man-in-the-middle attack even without SSL. These methods are able to encrypt the data traffic between you and the server you are connecting to, and also include some kind of end-point authentication. Each method is broken down in the following sections.
    2. Advertisement
Method 1
Method 1 of 3:

Virtual Private Network (VPN)

  1. Image titled Deal with a Man in the Middle Attack Step 2
    1
    To take the advantage of VPN, you should have a remote VPN server set up and configured first. You can do it yourself or just employ some reliable VPN service.
  2. Image titled Deal with a Man in the Middle Attack Step 3
    2
    Click "Control Panel" in the startup menu.
  3. Image titled Deal with a Man in the Middle Attack Step 4
    3
    In Control Panel, select "Network and Internet".
  4. Image titled Deal with a Man in the Middle Attack Step 5
    4
    Click "Network and Sharing Center".
  5. Image titled Deal with a Man in the Middle Attack Step 6
    5
    Click "Setup a new connection or network".
  6. Image titled Deal with a Man in the Middle Attack Step 7
    6
    In the "Setup a new connection or network" dialog, select "Connect to a workplace" and then press "Next".
  7. Image titled Deal with a Man in the Middle Attack Step 8
    7
    In the "Connect to a Workplace" dialog, click "Use my Internet connection (VPN)".
  8. Image titled Deal with a Man in the Middle Attack Step 9
    8
    Input the IP address of the VPN server and press "Next".
  9. Image titled Deal with a Man in the Middle Attack Step 10
    9
    Input your username and password, then press "Create".
  10. Image titled Deal with a Man in the Middle Attack Step 11
    10
    Click "Connect Now".
    11. Advertisement
Method 2
Method 2 of 3:

Proxy Server with Data Encryption Features

  1. Image titled Deal with a Man in the Middle Attack Step 12
    1
    Utilize a reliable proxy server and encrypt the transmission between you and the proxy. Some privacy software such as Hide My IP provides proxy servers and the option of encryption. Download it.
  2. Image titled Deal with a Man in the Middle Attack Step 13
    2
    Run the installation. When finished, double-click to launch the program.
  3. Image titled Deal with a Man in the Middle Attack Step 14
    3
    In the main interface, click "Advanced Settings...".
  4. Image titled Deal with a Man in the Middle Attack Step 15
    4
    In the "Advanced Settings and Options" dialog, check the option "Encrypt My Connection with SSL". This means that your data traffic to the sites you are visiting will be always encrypted, in just the same way as a https connection.
  5. Image titled Deal with a Man in the Middle Attack Step 16
    5
    Select a server you want to connect to, and then press "Hide My IP".
    6. Advertisement
Method 3
Method 3 of 3:

Secure Shell (SSH)

  1. Image titled Deal with a Man in the Middle Attack Step 17
    1
    Download Bitvise SSH Client from here. After installation, double-click the shortcut to launch the program.
  2. Image titled Deal with a Man in the Middle Attack Step 18
    2
    Select the "Services" tab in the main interface, in the SOCKS/HTTP Proxy Forwarding Section, check to Enable forwarding feature, then fill in the IP address of Listen Interface, 127.0.0.1, which means the localhost. Listen Port could be an arbitrary number ranging from 1 to 65535, but to avoid conflicts with the well-known port, a port number between 1024 and 65535 is suggested here.
  3. Image titled Deal with a Man in the Middle Attack Step 19
    3
    Switch to the "Login" tab. Fill in the information of the remote server and your account, then click the "Login" button below.
  4. Image titled Deal with a Man in the Middle Attack Step 20
    4
    When connecting to a server for the first time, a dialog containing the MD5 fingerprint of the remote server will pop up. You should check the fingerprint carefully to authenticate the real identity of the SSH server.
  5. Image titled Deal with a Man in the Middle Attack Step 21
    5
    Open a browser (for example, Firefox). Open menu, then click "Options".
  6. Image titled Deal with a Man in the Middle Attack Step 22
    6
    Select "Advanced" in "Options" Dialog. Click "Network" tab, then click "Settings...".
  7. 7
    In the "Connection Settings" dialog, select "Manual Proxy Configuration" option. Choose the proxy type "SOCKS v5", and fill in the IP address and port number of the proxy server, then press "OK". Since you are running SOCKS proxy forwarding using Bitvise SSH client in the same computer, the IP address should be 127.0.0.1 or localhost, and the port number must be the same as we set in #2.
    8. Advertisement

You Might Also Like

Access Blocked Websites
How to
Access Blocked Websites
Hack a Computer
How to
Hack a Computer
Disable Cookies
How to
Disable Cookies
Unblock Blocked Sites
How to
Unblock Blocked Sites
Clear Your Browser's Cookies
How to
Clear Your Browser's Cookies
Block a Program with Windows Firewall
How to
Block a Program with Windows Firewall
View Cookies4 Simple Ways to View Cookies in a Web Browser
Open Incognito Mode by Default in Google Chrome (Windows)
How to
Open Incognito Mode by Default in Google Chrome (Windows)
Block Porn on Android4 Ways to Block Porn on Android from Websites and Apps
Password Protect a Web Page
How to
Password Protect a Web Page
Remove Content Lock
How to
Remove Content Lock
Spot a Catfish
How to
Spot a Catfish
Verify a PGP Signature
How to
Verify a PGP Signature
Install an SSL Certificate
How to
Install an SSL Certificate
Advertisement

About This Article

wikiHow is a “wiki,” similar to Wikipedia, which means that many of our articles are co-written by multiple authors. To create this article, 11 people, some anonymous, worked to edit and improve it over time. This article has been viewed 75,398 times.
How helpful is this?
Co-authors: 11
Updated: June 24, 2020
Views: 75,398
Categories: Internet Security
Advertisement