User:Avneet K/sandbox


 * Man-in-the-middle (MitM) attack

A MitM attack occurs when a hacker inserts themselves between the communications of a client and a server.

One of the common types of MitM attack is session hijacking.

Session hijacking
In this type of MitM attack, an attacker hijacks a session between a trusted client and a network server. The attacking computer substitutes its IP address for the trusted client's while the server continues the session, believing it is still communicating with the client. For instance, the attack might unfold like this:


 * 1) A client connects to a server.
 * 2) The attacker’s computer gains control of the client.
 * 3) The attacker’s computer disconnects the client from the server.
 * 4) The attacker’s computer replaces the client’s IP address with its own IP address and spoofs the client’s sequence numbers.
 * 5) The attacker’s computer continues the dialog with the server, and the server believes it is still communicating with the client.
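
From the server's side, steps 3 to 5 leave a recognisable trace: the session's source address changes while the sequence numbers carry on exactly where the original client stopped. The following is an added example, not part of the original page, showing one way to flag that pattern. The record layout (session id, source address, sequence number, payload length) and all sample values are constructed assumptions.

```python
from collections import namedtuple

# Hypothetical server-side record: one entry per received segment.
Segment = namedtuple("Segment", "session src seq length")
SEQ_MOD = 2 ** 32  # sequence numbers wrap at 32 bits, as in TCP


def find_takeovers(segments):
    """Return (session, old_src, new_src, seq) for every point where a
    different source continues a session at the exact expected sequence number."""
    state = {}   # session -> (current source, next expected sequence number)
    alerts = []
    for s in segments:
        if s.session not in state:
            # First segment seen for this session: remember who owns it.
            state[s.session] = (s.src, (s.seq + s.length) % SEQ_MOD)
            continue
        owner, expected = state[s.session]
        if s.seq != expected:
            # Retransmission, reordering, or a stray packet from another
            # source: it does not continue the stream, so nothing changes.
            continue
        if s.src != owner:
            # In-sequence data from a new address: the pattern in steps 4-5.
            alerts.append((s.session, owner, s.src, s.seq))
        state[s.session] = (s.src, (s.seq + s.length) % SEQ_MOD)
    return alerts


# Constructed sample traffic (documentation address ranges).
SAMPLE = [
    Segment("A", "192.0.2.10", 1000, 100),
    Segment("A", "192.0.2.10", 1100, 50),
    Segment("B", "192.0.2.20", 5000, 200),
    Segment("A", "192.0.2.10", 1100, 50),    # retransmission, ignored
    Segment("A", "203.0.113.7", 1150, 80),   # new source, expected sequence number
    Segment("B", "203.0.113.7", 9999, 10),   # new source, wrong sequence number
    Segment("A", "203.0.113.7", 1230, 20),   # takeover continues, no second alert
]

if __name__ == "__main__":
    for session, old, new, seq in find_takeovers(SAMPLE):
        print(f"session {session}: source changed {old} -> {new} at seq {seq}")
```

An alert here is a signal to investigate rather than proof of hijacking, since a legitimate client can also change address mid-session (for example when moving between networks).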