A man-in-the-middle (MITM) attack occurs when an attacker inserts himself between two devices and is able to read, insert, modify messages between the two devices.

The most difficult part of a MITM attack in wired networks is getting in the middle without being detected. Usually this requires physical access to the network increasing the chances of being discovered.

In wireless network an attacker can insert his device in the the path of communication remotely and never expose himself making this one of the most dangerous types of wireless attacks. A MITM attack can be used to break connections such as SSL, SSH and VPN.

A wireless MITM utilizes a rogue access point, rogue station and phishing to exploit a user connected to the wireless network. Usually the rogue access point is implemented as a software based AP using a PC with dual wireless network interfaces.

Man-In-The-Middle Attack

(image source)

• ‘Evil Twin’ Wi-Fi Access Points Proliferate
  An evil twin access point as described in a Network World article is a Wi-Fi access point that appears to be a legitimate one offered...
• Rogue Wireless Station
  A rogue wireless station is an unauthorized station connected to a network via an access point. The access point used for connectivity can either be...
• Rogue Access Points
  Wireless LAN security for residential users is mainly about using the proper encryption. For corporate networks, securing against rogue access points is also important. Rogue...
• WiFi Phishing
  Below is the opening sentence from Wikipedia’s entry for “phishing”. In computing, phishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently...

If you liked this post, subscribe using below

WLAN Book RSS Feed

WLAN Book by Email

Filed under: WLAN Security