11.1 Man-In-The-Middle-Attacks
What types of things can a man-in-the-middle do?
Financial sites - between login and authentication.// Connections meant to be secured by public or private keys.// Other sites that require logins - where there is something to be gained by having access.//
What can the Cain and Abel program do?
It will grab all of the passwords that go through FTP, HTTP, IMAP, LDAP Pop3, Telnet, et cetera, et cetera.
What is a man-in-the-middle attack?
a man-in-the-middle attack (MITM) is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
What is the basic idea behind ARP poisoning?
attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local area network. associate the attacker's MAC address with the IP address of another host, such as the default gateway, causing any traffic meant for that IP address to be sent to the attacker instead.