Questions tagged [man-in-the-middle]

42 questions
2
votes
3 answers

man-in-the-middle attack over internet

I'm interested in understanding the mechanism of a man-in-the-middle attack. I know that, in a LAN scenario, in order to do an MitM attack, an attacker usually changes the routing table of the targeted devices (ARP poisoning). But in an internet context,…
Matteo
2
votes
4 answers

Man-in-the-middle attack in the SSL scenario

I'm trying to understand how a man-in-the-middle attack would affect my web server. I have a self-signed certificate. This certificate can be faked through the man-in-the-middle attack, which means that everything that I send from the browser will…
vikp
1
vote
1 answer

how to man-in-the-middle blocking/intercepting/editing all network traffic going to a single cabled device and a server

I need to completely block and intercept and alter all packets going between two devices. Possibly I need to isolate one device and block/intercept/edit ALL traffic going to and from it if I cannot find the cause in the packets between the devices.…
1
vote
1 answer

Is it possible to DNS spoof SSL certificate authority?

This site claims HTTPS is not enough security, as the CA itself could be DNS spoofed https://protonvpn.com/blog/public-wifi-and-https/ That seems unlikely to be true. If Chrome is keeping a local list of trusted certificate authorities, why wouldn't…
1
vote
1 answer

What can the cause be of very sporadic "ERR_CERT_AUTHORITY_INVALID" message?

Our platform has 10.000s weekly users, but now I get from a (B2B) client that one of their subclients got the "invalid certificate" message on our platform. They attached the screenshot as proof. Now I found this answer:…
1
vote
2 answers

Cannot validate certificate hostname without SNI

I am using 2 proxies to intercept the communication between my phone and my server. Here is my topology: phone --> proxy 1 --> proxy 2 --> server. Proxy 1 is listening on port 8080, proxy 2 is listening on port 8080, but I redirect all that it gets to…
1
vote
1 answer

Kerberos SSH Man-in-the-Middle for Data Sniffing

Kerberos clearly keeps an attacker from getting a user's credentials in an SSH man-in-the-middle scenario (one where the attacker has gotten the user to trust their server's public key and redirects traffic through that server). However, what if an…
Bubba
1
vote
3 answers

Transparent proxy and HTTPS with squid

Is it possible to use a transparent proxy to filter some domains without a man-in-the-middle approach? I would like to guarantee the certificate verification and user privacy; on the other hand, I want to deny connection to some domains. Is it possible…
Tobia
1
vote
1 answer

How to configure squid for inspecting https requests and pages?

I wish to allow squid to block https requests by full URL regex matching (not just domain) and to block https responses by inspecting page contents. Is there some step by step guide for how to set that up? Particularly, in…
SQwe
1
vote
1 answer

Set HTTP/HTTPS man-in-the-middle proxy for webserver (Apache2)

To log all http/https requests by a specific application, we use man-in-the-middle proxies (set as http or SOCKS5 proxies). On our local Windows and Mac machines, we usually 'proxify' apps or temporarily set a system-wide proxy. This works like a…
Rick
0
votes
1 answer

Bridge filtering for man-in-the-middle network node

I am inserting my network node between 2 legacy devices that exchange tcp and udp messages using dedicated ports, in both directions. My new node needs to push some tcp/udp messages through transparently, and intercept other tcp/udp messages for…
0
votes
0 answers

How to relay videos blocked by firewall on client side?

We have embedded Vimeo videos on a site accessible only to logged in users. Because of different firewalls, using different types of blocks, the videos sometimes do not work for the client. We cannot: know which kind of block the videos trigger on…
Gaia
0
votes
1 answer

Why was my custom port ssh connection to an EC2 instance intermittently failing?

The actual problem was solved by changing the port number but I don't believe I understood why it was happening in the first place and so I'd like to get to the bottom of it for next time, especially because hostile action cannot be ruled out. I…
bp.
0
votes
1 answer

Does TLS 1.2 prevent MITM sniffing with proxy certificate?

I've used jMeter proxy to inspect SSL traffic coming from my iPhone, by installing the jMeter certificate on the iPhone and then configuring my wifi on the phone to use the jMeter proxy. If I want to prevent this MITM sniffing for a particular…
Fraggle
0
votes
1 answer

Is it safe to communicate between Compute Engine instances in plaintext?

According to their documentation: Networks and subnetworks handle communication between instances and serve as a gateway between instances and other networks. A network is constrained to a single project; it cannot span projects. However, a project…