CCSP SelfStudy CCSP CSI: Exam Certification Guide, Second Edition [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

CCSP SelfStudy CCSP CSI: Exam Certification Guide, Second Edition [Electronic resources] - نسخه متنی

Tebyan

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید











  • Man-In-The-Middle Attacks


    Man-in-the-middle attacks cover situations in which the attacker is able to intercept packets that are crossing a network, modify or falsify the information in those packets, and then reinject the modified packets into the network. These attacks can be used to capture sensitive information, hijack ongoing sessions, create DoS occurrences, corrupt transmitted data, or introduce new, typically false, information into network sessions.

    An example of a man-in-the-middle attack is shown in Figure 7-1. Here, the attacker intercepts and establishes a communication link with the web server client on the left in step 1. This can be done by spoofing the IP address of the real web server, WWW, in the client's DNS server in Figure 7-1. When the client queries the DNS server for the IP address of the web server, WWW, the DNS server responds with the IP address of the attacker's host. The attacker's host is running a web server with web pages that are identical, or nearly identical, to the web pages on the real web server, WWW. The client connects to the attacker's web server and inputs their information, as shown in step 2. The attacker's host then connects to the real web server, WWW, establishes a connection, and relays the client information to the server in step 3. The response from the server is then relayed back to the client system in steps 4 and 5.

    Figure 7-1. Man-In-The-Middle Attack


  • / 290