What is man-in-the-middle (MitM) attack? - Definition from WhatIs.com

Home
Topics
Enterprise network security and data protection
Network and endpoint security tools and technologies
man-in-the-middle (MitM) attack

Definition

man-in-the-middle (MitM) attack

What is a man-in-the-middle (MitM) attack?

A man-in-the-middle (MitM) attack is an exploit in which an intruder intercepts communications between two parties, usually an end user and a website. The attacker can use the information accessed to commit identity theft or other types of fraud.

Users can protect themselves from a traditional man-in-the-middle attack by refraining from logging into sites where sensitive data is maintaned while on a public network. However, a variation on that exploit, called an "active man-in-the-middle attack" makes it possible for an intruder to access information for any site that the user logs into at other times.

Related glossary terms: active man-in-the-middle attack (MitM), CERT-In (the Indian Computer Emergency Response Team), vulnerability management, GajShield , network intrusion protection system (NIPS), Metasploit Project - Metasploit Framework

This was last updated in January 2010

Editorial Director: Margaret Rouse

Dig Deeper

Exploit development tutorial - Part Deux

In our exploit development tutorial’s second part, we examine how you can write exploits in PERL. Then we see how to port exploits by scripting in Ruby.
F5 Vault program embraces incentives for F5 firewall, security sales

The Vault partner program uses incentives to increase visibility for F5 firewalls and its architecture bundle.
Symantec acquires Nukona for MDM, mobile application control

Analyst says move is important step in addressing the need for mobile application control and document management capabilities.

People who read this also read...

Show me more

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

Research More Tech Terms

Search thousands of tech definitions
Browse tech definitions
Browse Alphabetically:
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Y
- Z
- #

Powered by WhatIs.com

File Extensions and File Formats

File Extension and File Formats List:

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
#

Powered by WhatIs.com

More from Related TechTarget Sites

CIO
Data Center
Business Intelligence
Security
SMB Security
Financial Security

CIO
- HyperCITY’s retail store management system: Profit with promotions
  
  HyperCITY services a million customers selling them about 40,000 products. Know how one of India’s largest hypermarket chains accomplishes this.
- HP and Dell dominate server market but struggle in cloud
  
  HP and Dell are the largest hardware makers, but the two companies struggle to present strategies that portray them as serious cloud players.
- Four CRM implementation best practices
  
  Ready to invest in CRM? Follow these best practices to ensure your implementation delivers results.
Data Center
- SAN backup and recovery
  
  Moving data can complicate your backup efforts. In this tip, you’ll learn backup goals for SAN environments and backup methods to achieve those goals.
- Why vCloud Architect will be the next must-have cloud certification
  
  While there is no official VMware cloud certification yet, IT pros hoping to get ahead should abandon the siloed approach to IT and prepare to lead their organization to the cloud.
- Facebook Open Compute Project a role model for data centers
  
  Data center experts say most enterprises can’t imitate Facebook’s Open Compute Project, but they could reap the benefits over time.
searchBusinessIntelligenceIN
- To glean value from 'big data' projects, it may take more than Hadoop
  
  Organizations will have to push beyond storage requirements and basic business intelligence tools to exploit big data, according to a Gartner analyst.
- Podcast: How to craft an effective MDM strategy
  
  In this podcast interview, Andy Hayler gives advice on how to create and implement an MDM strategy that is ruthlessly focused on business value.
- On the go the way to go? Answer lies with building mobile BI business case
  
  According to a recent Gartner survey, mobile technology is the second most important priority for CIOs in 2012, but building the business case is easier said than done.
Security
- Adobe and HTML 5: Safer than Flash mobile development?
  
  Expert Nick Lewis determines whether the combination of Adobe and HTML 5 will be safer for enterprises than Flash mobile development.
- MDM security features vs. mobile native security: Striking a balance
  
  MDM features abound, but should they always trump native security features of mobile devices? Lisa Phifer discusses the pros and cons.
- Download presentations from Information Security Decisions 2012
  
  At ISD 2012, many of the industry's leading information security experts gathered to share vendor-neutral expertise and proven security strategies.
searchMidmarketSecurity
- Windows Phone 7 security: Assessing WP7 security features
  
  Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
- Choosing the best security certifications for your career
  
  Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
- Midmarket security tutorials
  
  SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge needed to deal with the increasingly challenging job of keeping their organizations secure.
searchFinancialSecurity
- Microsoft attempts legal action to disrupt some Zeus botnets
  
  Legal and technical actions could disrupt some Zeus botnet operations by seizing command-and-control servers in Pennsylvania and Illinois.
- More than hype: Security big data helps bank to boost security program
  
  At RSA Conference 2012, Zions Bancorporation detailed how it harvested security big data using a Hadoop-based security data warehouse.
- Web application threats: What you really need to know
  
  In this special presentation, Mike Rothman details today's top Web application threats and pragmatic methods to integrate security into the Web application development process.

All Rights Reserved, Copyright 2009 - 2012, TechTarget