The Internet can be a dangerous place. Hackers and scammers are at every turn, looking for new ways to exploit vulnerable users. One of the most common ways hackers can exploit user data is through what is known as a Man in the Middle attack. Learn how this attack operates and how to avoid it with DD-WRT or Tomato firmware.
What Is A Man In The Middle Attack?
The basic premise of a Man in the Middle (or MITM) attack is to redirect user communication and personal information from a trusted party to an illegitimate third party. The most popular targets of this attack include:
- Bank websites
- E-commerce websites
- SaaS businesses
The MITM attacker will attempt to redirect a user from a legitimate website to a fake site they have created, which asks for the victim’s login or personal information. In recent times, attackers have developed sophisticated fakes that closely resemble the intended website, so even experienced users can fall prey to MITM attacks. While victims believe they are logging in to their bank account or purchasing a product, they are actually sending their personal information to an identity thief. Staying alert and vigilant is key.
There are many ways that a MITM attacker can redirect someone to the fake website. One way is through malware. Malware installed on a computer or browser can collect any information entered on a website, even if the site is secured.
Types of Man in the Middle Attacks
A more common Man in the Middle attack uses a router that isn’t secured. Here are a few ways a MITM attack can redirect a browser to an unsecured web page:
If the website visited doesn’t include HTTPS in the URL, the website is unsecured. Not all websites that use HTTP in the URL are MITM attacks, but they are highly susceptible to attacks that trick browsers into redirecting traffic to unsecured sites. Users need to be on guard and only visit HTTPS web pages, particularly if they’re making a purchase or submitting any personal information. Even among HTTPS servers, 95 percent don’t correctly use the HTTP Strict Transport Security (HSTS) features that protect users from MITM attacks.
Similar to HTTPS spoofing, an attacker can alter IP packet headers to gain access to a user’s personal information. While a user accesses a URL, the MITM has access to all the information they enter.
SSL, or Secure Sockets Layer, is a way to establish an encrypted link between the web server and a browser. This redirects a computer from an unsecured HTTP address to a secured HTTPS server. SSL stripping interrupts that connection and allows another computer to intercept all information sent by the computer to the web server.
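As an added example (not part of the original article), the following Python check audits a response's headers for the HSTS weaknesses mentioned above, which are what leave a site open to SSL stripping. The function names, the one-year `max-age` threshold and the sample responses are assumptions made for this illustration.

```python
import re

MIN_MAX_AGE = 31536000  # one year in seconds; threshold assumed for this example

def parse_hsts(value):
    """Split a Strict-Transport-Security value (RFC 6797) into {directive: argument}."""
    directives = {}
    for part in filter(None, (p.strip() for p in value.split(";"))):
        name, _, arg = part.partition("=")
        name = name.strip().lower()
        if name in directives:
            return None  # a directive may appear only once; repeated means invalid
        directives[name] = arg.strip().strip('"')
    return directives

def audit_response(scheme, headers):
    """Return findings for one response; an empty list means nothing to fix."""
    hdrs = {k.lower(): v for k, v in headers.items()}
    value = hdrs.get("strict-transport-security")
    findings = []
    if scheme != "https":
        if value is not None:
            findings.append("HSTS header on plain HTTP is ignored by browsers")
        if not hdrs.get("location", "").lower().startswith("https://"):
            findings.append("plain HTTP response does not redirect to HTTPS")
        return findings
    if value is None:
        return ["no HSTS header: browser may still start on plain HTTP"]
    d = parse_hsts(value)
    if d is None:
        return ["invalid HSTS header: directive repeated"]
    max_age = d.get("max-age", "")
    if not re.fullmatch(r"[0-9]+", max_age):
        findings.append("max-age missing or not a number: policy is invalid")
    elif int(max_age) == 0:
        findings.append("max-age=0 makes the browser drop the policy")
    elif int(max_age) < MIN_MAX_AGE:
        findings.append("max-age under one year")
    if "includesubdomains" not in d:
        findings.append("includeSubDomains missing: subdomains stay downgradable")
    return findings

# Constructed sample responses (not captured from any real site).
SAMPLES = [
    ("https", {"Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload"}),
    ("https", {"Strict-Transport-Security": "max-age=300"}),
    ("http", {"Location": "https://shop.example.test/"}),
]
for scheme, headers in SAMPLES:
    print(scheme, headers, "->", audit_response(scheme, headers) or "ok")
```

An empty result means the browser will remember to use HTTPS for the site, so a stripped first request has nothing to downgrade on later visits.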
Another common MITM interception is through e-mails. If users receive an e-mail from a financial institution that requests login information, they must never reply to that e-mail directly. A bank or other institution should never ask for information over e-mail because e-mail addresses are easy to spoof. Any request for e-mailed information is likely a MITM attack.
Even WiFi could be the gateway used to conduct a MITM attack. Public WiFi signals are usually unsecured, which allows potential hackers to intercept personal information being entered while connected to the server. Even if using a secured web page, avoid entering login information when using public WiFi.
This is far from an exhaustive list of all the ways a computer can be targeted by a MITM attack. However, these are the most common and the easiest to guard against.
Preventing a Man in the Middle Attack
MITM attacks are preventable. With the right tools and tricks, you’ll be able to log in and shop online safely and securely. One of the best ways is to use a secure open source VPN router with DD-WRT firmware.
Not only will these routers give you more protection when it comes to MITM attacks, but you’ll also enjoy a more stable network, dynamic VPN/server integration, and support for OpenVPN and PPTP.
Taking advantage of a VPN on the router level will provide an additional layer of encryption. Recommended VPN providers for preventing MITM attacks include:
- Military grade encryption
- Award winning customer service
- 5000+ Servers in 60+ Countries
- Most popular economy service VPN
- Great for traveling abroad
- 3180 Servers in 33 Countries
- No logs
- Owns and operates their own servers
- 1,100+ VPN servers in 60+ countries
A router with open source firmware will protect you from many MITM attacks, but you still need to consider where and when you input personal information. Never give out personal information to an unconfirmed email address, and avoid HTTP addresses, particularly when using public WiFi.
Prevent Man In The Middle Attacks With a VPN Router
A FlashRouter like the Linksys WRT3200ACM (pictured above) is a router that has been flashed with open source firmware. Flashing a router with open source firmware removes any bugs or backdoors found in the router’s factory settings and opens the door for the device to be used as a tunnel to the VPN server of your choice.
Recommended devices for preventing MITM attacks include:
1 GHz Broadcom Processor
3 Ext Antennas
Top Economy Router
1.6 GHz Marvell Processor
4 Ext Antennas
Great for Streaming
1.7 GHz Qualcomm Processor
4 External Antennas
One of Our Most Powerful Routers
Benefits of the FlashRouters Privacy App
Every DD-WRT FlashRouter comes with the free FlashRouters Privacy App. The FlashRouters Privacy App revolutionizes and simplifies using a DD-WRT router with a VPN. With the Privacy App, users can:
- Switch between locations with the tap of a button.
- Manage which devices go through the VPN and which don’t.
- Change VPN Providers with a few clicks on the same device.
Want better support for your entire network? The FlashRouters Privacy App is here to help.
For a full list of features and screenshots, visit our FlashRouters Privacy App website.
Have any other questions on preventing Man in the Middle attacks? Feel free to contact us.