A man-in-the-middle (MITM) attack occurs when an attacker inserts himself between two devices and is able to read, insert, modify messages between the two devices.

The most difficult part of a MITM attack in wired networks is getting in the middle without being detected. Usually this requires physical access to the network increasing the chances of being discovered.

In wireless network an attacker can insert his device in the the path of communication remotely and never expose himself making this one of the most dangerous types of wireless attacks. A MITM attack can be used to break connections such as SSL, SSH and VPN.

A wireless MITM utilizes a rogue access point, rogue station and phishing to exploit a user connected to the wireless network. Usually the rogue access point is implemented as a software based AP using a PC with dual wireless network interfaces.

Man-In-The-Middle Attack

(image source)

• Rogue Access Point Detection Using iWIDS
  Rogue Access Point Detection Using iWIDS iWIDS is an online wireless instrusion detection system (WIDS) that leverages the wireless scanning capabilities of a Windows XP/Vista/7...
• DoD Commercial WLAN Technologies Instruction 8420.01
  DoD Commercial WLAN Technologies Instruction 8420.01 The US Department of Defense (DOD) released a commercial wireless local area network (WLAN) devices, systems, and technologies Instruction...
• BridgeChecker v1.2 Available for Download
  BridgeChecker v1.2 Available for Download BridgeChecker v1.2 and previous versions are available for download from the BridgeChecker Download page. BridgeChecker User Guide This version has...

If you liked this post, subscribe using below

WLAN Book RSS Feed

WLAN Book by Email

Filed under: WLAN Security