
Author: 归海一刀
Published: 2014/5/31 8:04:34
"Man-in-the-middle attack" (MITM): hackers are spying on you

You take the coffee you just bought, connect to the coffee shop's WiFi, and start working. You have done this countless times before, and everything seems perfectly normal. What you don't know is that someone is spying on you: they monitor your network activity and steal your banking credentials, home address, personal e-mail and contacts. By the time you notice, it is too late.

Today's thieves no longer just lift your wallet on the subway. The more advanced ones use network attacks to obtain your information. While you check your account information online at a coffee shop, a hacker may be intercepting the communication between your computer and the WiFi, watching your every move. This is the "man-in-the-middle attack" (MITM), and it is only one of the many methods hackers use to attack you.

Many hackers exploit network vulnerabilities that let them see users' data clearly. Even the networks of companies widely trusted by the public have vulnerabilities. Last March, one company was revealed to have had customers' credit card information, social security numbers, home addresses, telephone numbers and other personal information obtained by hackers. Apple's recent gotofail vulnerability and the Android VPN flaw remind us that even mainstream operating systems can put you in a dangerous situation.

The "Heartbleed" incident that recently hit HTTPS is probably the most hotly discussed OpenSSL vulnerability to date. According to the reports, an attacker can track the 64KB buffer that OpenSSL allocates, have bytes beyond the necessary range copied into the buffer, and then have the buffer contents returned, so that the contents of the victim's memory, such as passwords, credit card information and the server's private key, leak 64KB at a time. The "Heartbleed" vulnerability affected 66 percent of all Internet users, including some mainstream websites such as Yahoo, Flickr and Pinterest. This vulnerability makes MITM more dangerous: even if HTTPS is enabled, an attacker can use a stolen certificate to obtain valuable data, leaving you essentially defenseless.

Although vulnerabilities such as OpenSSL's "Heartbleed" and Apple's gotofail let attackers obtain all kinds of data easily, in most cases advanced hackers still use other means. For example, some attackers use SSL stripping to remove the encryption from your data, replacing every secure HTTPS connection with insecure HTTP. Other methods include creating a vulnerability on the user's side and infiltrating the user's device through the browser. In either case, once the attacker exploits the vulnerability, he can see all the data sent between your device and the recipient, including user names and passwords.

Even though vulnerabilities like "Heartbleed" have been patched, the MITM threat still exists because of the basic nature of how operating systems work. The attack technique mimics normal network protocols, so if operating system vendors tried to block MITM attacks they would have to break the way devices connect to legitimate networks, which would make the problem worse. I'm sorry to tell you that every IP-based device has weaknesses that MITM can find.

With the number of mobile phones set to exceed the Earth's population by the end of this year, there is no doubt that mobile phones will become the next frontier for hacking. Beyond the number of devices, employees' consumption outside the enterprise's private secure network is expected to explode in 2017, and an estimated 60% of all mobile data traffic will move to public networks; this shift to insecure public networks will lead to a significant increase in MITM attacks. As a result, many people turn to antivirus software to protect their mobile devices. But antivirus software is not suited to mobile architectures: without root access to the device's operating system, it cannot monitor the device's activity. Traditional PC security methods also have unwanted effects on mobile devices: the operating system slows down, the battery drains faster, and more memory is used. In addition, antivirus software cannot detect network probing or MITM-like behaviour; it looks for known malware signatures instead.

Individuals and organizations can use a variety of methods to protect their devices and networks. Surprisingly, many mainstream websites have only recently begun to encrypt their services. If a website's URL reads "HTTP" rather than "HTTPS", a hacker can monitor your account information at any time. So if the site does not encrypt by default, complete the protocol yourself: type the full address including "HTTPS", especially when filling out forms. This trick cannot protect you from advanced hackers, but it still works against less skilled ones. By default, some commonly used services do not enforce SSL, which gives hackers the opening to take over those accounts completely.

Enabling a virtual private network (VPN) is another solution, and in some cases it can also offer protection. A VPN is a logical network built on top of the network platform provided by a public network service provider; transmitting user data over the logical link helps protect the information. However, this method has some limitations. Because a VPN works by establishing a "secure tunnel", this approach cannot protect mobile devices that use the network over public WiFi.

To give sensitive data the best protection, individuals and organizations need to develop a comprehensive mobile security solution. Although traditional personal computers are currently kept secure on legitimate networks, these organizations should provide endpoint protection for mobile devices without hurting the user experience, protecting those devices on the many uncontrolled networks they may encounter. Take note, though: the mobile security space is very noisy. Many companies claim they can protect your phone, but few truly protect your bank account numbers and personal information from network attacks. The most popular antivirus software today cannot protect you from even the most amateur attacks. So unless the places where we work and the websites we like to visit change their approach to mobile security and take the necessary measures to protect their networks, the responsibility for protecting ourselves from hackers falls on us. Perhaps the guy sitting next to you in the café sipping a cappuccino is stealing your information right now.



