Oleg Petukhov, lawyer in the field of international law and personal data protection, information security specialist: security, protection of information and personal data.
Another way to intercept traffic at the physical level is to install an attacker-controlled node "in the gap": the network cable from the sender is physically connected to one port of this device, and the cable going to the recipient is connected to the second. In this configuration, a hacker can use various utilities to carry out a Man-in-the-Middle (MitM) attack, in which the attacker sits between the participants of the information exchange and intercepts and modifies the traffic passing through.
Various techniques can be used to implement this type of attack. Our main goal is to force the traffic between the sender and the receiver to go through the node we control. To do this, you must first prepare the node itself, namely, configure traffic redirection and routing.
For packet forwarding, that is, unhindered forwarding between device ports, you can use a special command.
It is also necessary to review the netfilter rules so that they do not interfere with the passage of traffic. It won't be great if users simply lose their connection after the attack begins.
Well, let's check the routing settings using a special command.
We need packets that arrive on one interface to be able to continue to be sent unchanged from another interface.
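From the defender's side, the forwarding and netfilter settings described above are what distinguish a host that passes other machines' traffic from an ordinary endpoint. The script below is an added example, not from the original post; it assumes Linux with the IPv4 forwarding flag at /proc/sys/net/ipv4/ip_forward and firewall rules in iptables-save format, and its sample files are constructed.

```shell
#!/bin/sh
# Added example, not from the original post: flag a Linux host that is
# configured to pass packets between its interfaces.
# Inputs are files, so the check also runs on collected evidence:
#   $1 = copy of /proc/sys/net/ipv4/ip_forward (assumed location of the flag)
#   $2 = saved iptables-save output (assumed rule format)

# Succeeds when the kernel forwarding switch reads "1".
forwarding_enabled() {
    [ "$(tr -d '[:space:]' < "$1")" = "1" ]
}

# Prints the default policy of the filter table's FORWARD chain.
forward_policy() {
    awk '/^\*/ { table = substr($0, 2) }
         table == "filter" && /^:FORWARD / { print $2; exit }' "$1"
}

# Prints how many explicit ACCEPT rules the filter FORWARD chain holds.
forward_accepts() {
    awk '/^\*/ { table = substr($0, 2) }
         table == "filter" && /^-A FORWARD / && / -j ACCEPT/ { n++ }
         END { print n + 0 }' "$1"
}

# Prints one verdict line: OK, WARN or ALERT.
audit_forwarder() {
    if ! forwarding_enabled "$1"; then
        echo "OK forwarding=off"; return 0
    fi
    policy=$(forward_policy "$2"); accepts=$(forward_accepts "$2")
    if [ "$policy" = "ACCEPT" ] || [ "$accepts" -gt 0 ]; then
        echo "ALERT forwarding=on policy=$policy accept_rules=$accepts"
    else
        echo "WARN forwarding=on policy=${policy:-unknown} accept_rules=0"
    fi
}

# Constructed sample evidence (not real captures), written to a temp dir.
SAMPLES=$(mktemp -d)
echo 1 > "$SAMPLES/fwd_on"; echo 0 > "$SAMPLES/fwd_off"
printf '%s\n' '*nat' ':PREROUTING ACCEPT [0:0]' 'COMMIT' '*filter' \
    ':INPUT ACCEPT [0:0]' ':FORWARD ACCEPT [0:0]' 'COMMIT' > "$SAMPLES/open"
printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD DROP [0:0]' \
    '-A FORWARD -i eth0 -o eth1 -j ACCEPT' 'COMMIT' > "$SAMPLES/rule"
printf '%s\n' '*mangle' ':FORWARD ACCEPT [0:0]' 'COMMIT' '*filter' \
    ':FORWARD DROP [0:0]' 'COMMIT' > "$SAMPLES/closed"

audit_forwarder "$SAMPLES/fwd_on" "$SAMPLES/open"
```

The third sample shows why the parser tracks the current table: the mangle table's FORWARD chain has an ACCEPT policy, but only the filter table's policy decides whether forwarded packets pass.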
In the following posts, the goal of most of the attacks discussed will be to redirect user traffic to a controlled node.