/g/ - Technology » Thread #51035231

[35 / 4 / ?]

Anonymous Tue 27 Oct 2015 06:16:59 No.51035231 View Reply Report Delete

Quoted By: >>51035265 >>51035272 >>51035284 >>51035307 >>51035341 >>51035522 >>51035664 >>51035694 >>51036702 >>51037024

How does /g/ deal with man in the middle attacks?

Anonymous

Anonymous Tue 27 Oct 2015 06:19:17 No.51035260 Report Delete

Quoted By: >>51035659

>Use https everywhere
>Don't connect to open WiFi networks
>Use strong router encryption at home

Anonymous

Anonymous Tue 27 Oct 2015 06:19:57 No.51035265 Report Delete

Quoted By:

>>51035231
>encrypt everything important
>don't log onto wells fargo at the mall
its rly ez

Anonymous

Anonymous Tue 27 Oct 2015 06:20:39 No.51035272 Report Delete

Quoted By:

>>51035231
Don't install fuckrandom certs from Botswana.

Anonymous

Anonymous Tue 27 Oct 2015 06:22:19 No.51035284 Report Delete

Quoted By: >>51035291 >>51035298 >>51035753

>>51035231
use incognito browsing

Anonymous

Anonymous Tue 27 Oct 2015 06:23:18 No.51035291 Report Delete

Quoted By:

>>51035284
this

Anonymous

View Same Google ImgOps iqdb SauceNAO 1435453956520.png, 50KiB, 471x490

Anonymous Tue 27 Oct 2015 06:23:51 No.51035298 Report Delete

Quoted By:

>>51035284

Anonymous

Anonymous Tue 27 Oct 2015 06:25:01 No.51035307 Report Delete

Quoted By: >>51035315

>>51035231
>ITT: people who don't understand what a MITM attack is

Anonymous

Anonymous Tue 27 Oct 2015 06:26:26 No.51035315 Report Delete

Quoted By: >>51035324

>>51035307
Found the neckbeard

Anonymous

Anonymous Tue 27 Oct 2015 06:27:49 No.51035324 Report Delete

Quoted By:

>>51035315
>Neckbeard
>Not a Security Guru

Anonymous

Anonymous Tue 27 Oct 2015 06:29:50 No.51035341 Report Delete

Quoted By: >>51035378

>>51035231
if someone has the resources to pull of an actual MITM (like in the pic), there's not much you can do unless you use pre-shared keys for everything. which obviously can't work for most applications.

Anonymous

Anonymous Tue 27 Oct 2015 06:30:04 No.51035343 Report Delete

Quoted By:

become the man in the middle

Anonymous

Anonymous Tue 27 Oct 2015 06:34:35 No.51035378 Report Delete

Quoted By: >>51035422

>>51035341
The fuck are you talking about? Its easy to set up authentication that detects when a rogue device is on the network. Even if they are spoofing and mac and IP. The fact that the MITM is a laptop in the image it will be acting as a wireless AP. With AES and the right security tool it will be easy to tell its a not the real machine.

Anonymous

Anonymous Tue 27 Oct 2015 06:40:49 No.51035422 Report Delete

Quoted By: >>51035771 >>51036711

>>51035378
a MITM doesn't have to be in your network. it could be anywhere in the route between client and server. like a rogue ISP.
as long as all traffic flows through them, they can completely circumvent public key cryptography by inserting their own keys into the flow. neither client nor server will be able to tell the difference.
doesn't work for pre-shared keys, but again, that's not really practical, because you'd have to set it up before the MITM came into play (like from a completely different connection). and it's completely out of the question for most applications like, say, browsing - because you can't just push some key to google's webserver.

Anonymous

Anonymous Tue 27 Oct 2015 06:52:14 No.51035513 Report Delete

Quoted By: >>51035573

public private key isn't as easy as just inserting your own keys, it is always possible to tell if something has changed the middle somewhere if the data has been encrypted. If the man in the middle was to read the data it would change the encryption and the message received on the other end would make no sense. This is why there are things like ECHELON which stores the data but can't read. For MITM to work properly it would require the MITM to have the key to unlock the data and then re-encrypt to send to the server.

Anonymous

Anonymous Tue 27 Oct 2015 06:53:11 No.51035522 Report Delete

Quoted By:

>>51035231
VPN

Anonymous

Anonymous Tue 27 Oct 2015 07:00:55 No.51035573 Report Delete

Quoted By: >>51035638 >>51035649 >>51035684

>>51035513
the MITM has the keys because he intercepts they are generated and exchanged on the fly. he intercepts them, replaces them with his own and all subsequent communication between client and server will be using the MITM's keys. he receives a message, decrypts it, reencrypts it using the original keys and passes it on. this is completely transparent to server and client.

Anonymous

Anonymous Tue 27 Oct 2015 07:08:59 No.51035638 Report Delete

Quoted By:

>>51035573
For that to happen the MITM must have been their from the start, then it would also be filtering through more than one person doing the same. Its going to look pretty fishy when the same key pops up time and time again from multiple users who go through this attack. The chance of this happening in the first place is so low as the required resources to do this would be huge, let alone the risk involved.

Anonymous

Anonymous Tue 27 Oct 2015 07:10:40 No.51035649 Report Delete

Quoted By: >>51035895

>>51035573
Which is what certificates and key signing prevents.

Anonymous

Anonymous Tue 27 Oct 2015 07:11:44 No.51035659 Report Delete

Quoted By: >>51035684

>>51035260
when HTTP is deprecated and all connections are using HTTPS, will MITM still be possible?

Anonymous

Anonymous Tue 27 Oct 2015 07:12:16 No.51035664 Report Delete

Quoted By: >>51035720

>>51035231
I truncate the SHA1 digest of the shared secret key to 128 bit and visualize it like pic related, and then meet up with the second user/server and verify authenticity.

Anonymous

Anonymous Tue 27 Oct 2015 07:14:15 No.51035684 Report Delete

Quoted By:

>>51035573
>>51035659
For https MITM either has to get access to original keys or use his own cert and that is not transparent to client.
Russian government forces ISPs to use the latter for IPs and domains hosting illegal info (drugs, bombs etc) to only restrict certain pages.

Anonymous

Anonymous Tue 27 Oct 2015 07:15:31 No.51035694 Report Delete

Quoted By: >>51035738

>>51035231
Be the man in the middle.

Anonymous

View Same Google ImgOps iqdb SauceNAO identicon.png, 43KiB, 540x960

Anonymous Tue 27 Oct 2015 07:18:39 No.51035720 Report Delete

Quoted By:

>>51035664
Fuck you captcha

Anonymous

Anonymous Tue 27 Oct 2015 07:20:21 No.51035738 Report Delete

Quoted By:

>>51035694
This is now a thread about honeypots and how to easily set up man-in-the-middle attacks.

https://www.youtube.com/watch?v=x0ma1vyHcyg

Anonymous

Anonymous Tue 27 Oct 2015 07:20:47 No.51035742 Report Delete

Quoted By: >>51035761

I ask him to change his ways

Anonymous

View Same Google ImgOps iqdb SauceNAO privateb.gif, 43KiB, 708x605

Anonymous Tue 27 Oct 2015 07:21:59 No.51035753 Report Delete

Quoted By:

>>51035284
>this guy

Anonymous

Anonymous Tue 27 Oct 2015 07:22:55 No.51035761 Report Delete

Quoted By:

>>51035742
I understood this post. No message could have been any clearer.

Anonymous

Anonymous Tue 27 Oct 2015 07:23:56 No.51035771 Report Delete

Quoted By:

>>51035422
>they can completely circumvent public key cryptography by inserting their own keys into the flow.
Ever heard of the CA model? It has its flaws but it prevents this naive approach?

Anonymous

Anonymous Tue 27 Oct 2015 07:40:31 No.51035895 Report Delete

Quoted By:

>>51035649
Which is why a MITM could spoof whatever server you are querying in order to verify the SSL cert and cuck you.

Anonymous

Anonymous Tue 27 Oct 2015 09:02:56 No.51036677 Report Delete

Quoted By:

What if the application comes with the public key of the server, and sends its own public key encrypted with the server's public key
Then the client sends its messages encrypted with its own private key

Anonymous

Anonymous Tue 27 Oct 2015 09:03:53 No.51036686 Report Delete

Quoted By:

Use IDS or NIDS.
Check the ARP table.
Configure the iptables.

Anonymous

Anonymous Tue 27 Oct 2015 09:05:33 No.51036702 Report Delete

Quoted By:

>>51035231
I don't. I've got nothing to hide.

Anonymous

Anonymous Tue 27 Oct 2015 09:06:33 No.51036711 Report Delete

Quoted By:

>>51035422
>they can completely circumvent public key cryptography by inserting their own keys into the flow
Do you even know what public key cryptography is? Handling trust is like ten minutes into the first class of cryptography 101

Anonymous

Anonymous Tue 27 Oct 2015 09:37:55 No.51037024 Report Delete

Quoted By:

>>51035231
Common Sense 2015

Subject

Name

E-mail

Password

Capcode	All Only User Posts Only Verified Posts Only Moderator Posts Only Manager Posts Only Admin Posts Only Developer Posts Only Founder Posts
Show Posts	All Only With Images Only Without Images Only Spoiler Images Only Non-Spoiler Images
Deleted Posts	All Only Deleted Posts Only Non-Deleted Posts
Ghost Posts	All Only Ghost Posts Only Non-Ghost Posts
Post Type	All Only Sticky Threads Only Opening Posts Only Reply Posts
Results	All Grouped By Threads
Order	Latest Posts First Oldest Posts First

On these boards

Your latest searches