Infosec Strategies and Best Practices by Joseph MacMillan

Author:Joseph MacMillan
Language: eng
Format: epub
Publisher: Packt Publishing Pvt Ltd
Published: 2021-05-24T00:00:00+00:00

MITM defense and detection

When looking at mitigating against MITM attacks, we need to look at cryptography. Cryptography can offer authentication, proving mathematically that the source of the message was legitimate, as well as proof of integrity, which can mathematically prove that the message hasn't been altered.

In order for this to work, you'll need a way to exchange keys or certificates, for example, a public key infrastructure, as we see in TLS traffic. If it can't be proven that the identity of the source or destination is valid, the session is ended, and communication stops. The weakness in this solution is that security is lost in the event that the Certificate Authority, which issues the cryptographic certificates, is compromised.

If you are capturing and analyzing your organization's network traffic, you would be able to gather information about each server your network interacts with, such as the source IP address, DNS name, X.509 certificate, Certificate Authority, and whether other clients have the same certificate.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.