Computer security is a big deal these days.  Of course, you want to keep yourself safe, but there are so many threats that it is hard to keep track.  Man-in-the-middle attacks, for example, are very common, allowing for attackers to sneak into communications between two target hosts.

ROGUE ACCESS POINT

In a rogue access point Man-In-The-Middle attack, threat actors could attempt to take advantage of routine government computer behaviors in which wireless cards automatically connect with an access point that emits the strongest signal.  Thus, the attack will trick nearby devices into join its domain instead of a legitimate one.  In this attack, the victim’s network traffic can be manipulated by the one who initiated the attack. This is dangerous, the attacker does not need to be a part of a trusted network in order to enact the attack, and they just need to be close enough to employ the deception.

ADDRESS RESOLUTION PROTOCOL SPOOFING

Also known as ARP, for short, this type of Man-In-The-Middle computer security attack attempts to resolve IP addresses to various physical media access control (MAC) addresses within some local area network (LAN).  This way, when a host needs to communicate with another host using a given IP address, it makes a reference to the ARP cache and resolves the IP address to a MAC address. Basically, then, an attacker could simply pose as another host and answer this IP resolution request.

DNS SPOOFING

Similar to the others, DNS Spoofing involves the resolving of domain names to IP addresses but the attacker makes an attempt to introduce corrupt DNS cache information to a particular host when it is attempting to access another host.

Multicast DNS SPOOFING

In mDNS, a DNS is performed on a local area network using an ARP or similar broadcast method.  This makes an excellent target for spoofing as it exploits the simplicity of LAN resolution, in which the local name resolution system would normally make the configuration settings of the network devices as simple as possible. Users do not need to know which addresses the devices should be communicating with because they let the system resolve it.  In this type of attack, an app will attempt to clarify the address of another device and an attacker will respond to that request with their own fake data which is filled with instructions for resolving to a manipulated address.

Hikvision, a security camera company deals successfully to avoid suck attacks and give safety to their users and recently they won Homeland Security Award for Memphis Police Department.

About The Author