A man-in-the-middle (MITM) attack is one in which an attacker intercepts communication between two parties who believe they are communicating directly. Both parties are unaware that the attack is taking place. The attack may rely on physical proximity or on malware (a man-in-the-browser attack) to intercept communications. Financial transactions, secured connections, and other interactions involving a username and password are the usual targets.
Attackers can use many different methods to intercept communications, such as email, session, or IP hijacking, Wi-Fi® eavesdropping, Trojan attacks, DNS spoofing, or HTTP injection.
Despite the risk of being attacked, there are ways to prevent it.
MITM Attack Prevention
There are various ways a user can protect themselves from a MITM attack.
Website Owners
If you are a server or website owner:
Always check that the website uses secure communication protocols (like TLS and HTTPS). These protocols protect against spoofing attacks.
Also make sure that web applications use SSL/TLS to secure every page of the website rather than only the pages that require authentication. This stops attackers from accessing session cookies on the unsecured portions of the website.
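The following added example (not part of the original article) shows one way a site owner could audit captured responses for the two weaknesses described above: pages still served over plain HTTP, and cookies that are not restricted to TLS with the Secure attribute. The host shop.example, the cookie names, and the sample responses are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample data: (requested URL, status code, [(header name, value)]).
SAMPLE_RESPONSES = [
    ("https://shop.example/login", 200,
     [("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly")]),
    ("http://shop.example/catalog", 200,
     [("Set-Cookie", "session=abc123; Path=/; HttpOnly")]),
    ("http://shop.example/about", 301,
     [("Location", "https://shop.example/about")]),
    ("https://shop.example/cart", 200,
     [("Set-Cookie", "cart=42; Path=/")]),
]

def cookie_is_secure(set_cookie_value):
    """True if the Set-Cookie value carries the Secure attribute."""
    # Skip the first segment (name=value); attributes are case-insensitive.
    attrs = [part.strip().lower() for part in set_cookie_value.split(";")[1:]]
    return "secure" in attrs

def audit(responses):
    """Return a list of (url, finding) for every weakness found."""
    findings = []
    for url, status, headers in responses:
        hdrs = [(name.lower(), value) for name, value in headers]
        if urlsplit(url).scheme == "http":
            # A plain-HTTP URL is acceptable only if it redirects to HTTPS.
            location = next((v for n, v in hdrs if n == "location"), "")
            redirects_to_tls = (status in (301, 302, 307, 308)
                                and location.lower().startswith("https://"))
            if not redirects_to_tls:
                findings.append((url, "page served over plain HTTP"))
        for name, value in hdrs:
            # Without Secure, the browser also sends the cookie over HTTP,
            # where an on-path attacker can read it.
            if name == "set-cookie" and not cookie_is_secure(value):
                cookie_name = value.split("=", 1)[0].strip()
                findings.append((url, f"cookie '{cookie_name}' lacks Secure"))
    return findings

if __name__ == "__main__":
    for url, finding in audit(SAMPLE_RESPONSES):
        print(f"{url}: {finding}")
```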
Individual Users
If you are an internet user:
Always use up-to-date anti-malware software to protect and maintain the security of online devices. Keeping the operating system and browser up to date is mandatory.
Never use unsecured, untrusted Wi-Fi connections, because attackers can easily scan the available Wi-Fi hotspots to find ones with insecure or default passwords, or with router configurations that are easily exploitable.
Exercise extreme caution when connecting to publicly accessible Wi-Fi routers. If you use public Wi-Fi connections, always configure your devices to use a Virtual Private Network (VPN).
Make sure home and office Wi-Fi routers are securely configured, and take adequate precautions for online communications.
Check that the websites you access include the https:// protocol in their URLs and have certificate authority-signed SSL certificates.
Pay attention to browser notifications about unsecured websites, and log out of secure websites immediately after using them.
In cPanel and WHM
Some cPanel and WHM features display warnings about potential MITM attacks, for example cPanel’s Git Version Control interface (cPanel >> Home >> Files >> Git Version Control). Here, a warning is displayed if the system fails to validate an unknown clone URL’s public fingerprint.