Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Security Features

MITM via Proxy Example

Now your associate does his online banking, and you sit in the middle and watch him do it, get his username and password information, and alter information that he is transacting with. Most importantly, when he decides to log out of the bank, you give him a "bye-bye" message and actually keep open the link between your computer and the bank's server, so you can keep accessing his account.

This is a serious attack.

There are two products - again freely available - that allow you to demonstrate this behavior: ACHILLES and BURP proxy software.

Fatal Flaws In The SSL Secured World, Continued

Above is the BURP user interface.

You will see that the proxy program mimics the MITM receives your browser request for an Internet page.

Fatal Flaws In The SSL Secured World, Continued

Upon selecting to forward that page, the result is again returned to the proxy.

As a simple example, set up your proxy in your browser options screen. Now all traffic will travel through your proxy software. In the browser, look for Google. In the search screen type "achilles proxy" and submit.

Fatal Flaws In The SSL Secured World, Continued

You will see the HTTP request show up in the proxy.

Fatal Flaws In The SSL Secured World, Continued

In the intercept tab, look for the word "achilles".

Fatal Flaws In The SSL Secured World, Continued

Change that word to "burp".

Fatal Flaws In The SSL Secured World, Continued

Now, select the forward button and wait to receive the response from Google. Once you receive the response in the proxy, elect to allow it to go through to the browser.

You will notice that although you originally submitted "achilles" in the Google search, you have received back a search based on "burp".

Fatal Flaws In The SSL Secured World, Continued

"Ok," I hear you say. "Sure, why wouldn't it change, given that you told me to change it in the proxy." And therein lies the point of the exercise.

You opened a Google page and entered "achilles". You then intercepted that page in the proxy program and altered the word "achilles" to read "burp". Google received the changed word and executed and returned data based on that search.

If someone were doing this for real, you would have no control over what happened to your browser request page after you had submitted it. And it wouldn't be an innocuous site like Google to which the information was being sent. If this were your bank page, and you elected to pay your credit card bill of $1000, and a MITM intercepted it and changed it to $1, you would be a bit miffed. It doesn't take much imagination to think of even worse possible scenarios.

So, in the future, when you see the padlock icon in the browser, don't let your feeling of security get the better of you. And if you have been prompted with any message that implies that something is wrong, pay attention to it!

Incidentally, SSL can be configured to resist MITM attacks. We'll come back to this in a future article.

In Conclusion

There are some in the security business who advocate that strong passwords will solve most of the difficulties associated with identity management and authenticating users. But all of the previously mentioned attacks will break any non-ciphered password entered. Others advocate using Two Factor Authentication (covered next in the series), but even that is susceptible to the MITM attack.

With this information in hand, take a fresh and critical look at that login page when you next use it. You will be able to make your own mind up about the level of security afforded to you by your site administrator. This is particularly true in cases where you are parting with sensitive information.

So, you may ask, what can I do? Actually, not all that much. You can be wary of certificates, look out for malicious software on your computer, and so on. In the end, however, it is up to the security industry to create solutions that go to the roots of these problems, and systems administrators to implement those solutions and get ordinary users to employ them. There are many initiatives in progress to protect against these attacks, but not everyone has access to them yet. In the meantime, beware!

Pat McKenna is a security consultant and CTO with 2SA Plus, a company specializing in Two Factor Authentication and matters of Identity Management. He is 45 and has been in the IT business for 15 years, during which he has held many positions, including company director. Prior to a career in IT, he worked in the security & intelligence field. He is proficient with many computer languages, old and new, and has trained hundreds of programmers. His hobbies are chess and penetration testing (aka ethical hacking).

More Stuff

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hi all,I would like to finally upgrade to ax network and here's my current setup:Optical modem -cat6-> Asus RT-AC88u (dual band AC1000 + 2167Mbps on g...
I have an rt-ac 3100. I need a deterrent to non-authorized devices using both wifi and ethernet. I know there is a wifi mac filter whitelist which wou...
It's been almost 2 years since I stopped regularly reviewing products. So regular readers of SmallNetBuilder have had plenty of time to develop other ...
Hi Guys,I currently have a AC3100 router and has recently been able to get my hands on a AC2900. I want to setup a AiMesh network. The routers will be...
https://onedrive.live.com/?authkey=...CE0!19515&parId=CCE5625ED3599CE0!1427&o=OneUpAvailable build(s)RT-AC68U386.1 (xx-xx-xxxx)Switched to the new 386...

Don't Miss These

  • 1
  • 2
  • 3