Home
Topics
Enterprise network security and data protection
Network and endpoint security tools and technologies
man-in-the-middle (MitM) attack

Definition

man-in-the-middle (MitM) attack

What is a man-in-the-middle (MitM) attack?

A man-in-the-middle (MitM) attack is an exploit in which an intruder intercepts communications between two parties, usually an end user and a website. The attacker can use the information accessed to commit identity theft or other types of fraud.

Users can protect themselves from a traditional man-in-the-middle attack by refraining from logging into sites where sensitive data is maintaned while on a public network. However, a variation on that exploit, called an "active man-in-the-middle attack" makes it possible for an intruder to access information for any site that the user logs into at other times.

Related glossary terms: active man-in-the-middle attack (MitM), Paladion, CERT-In (the Indian Computer Emergency Response Team), vulnerability management, GajShield , network intrusion protection system (NIPS), Metasploit Project - Metasploit Framework, SafeSquid

This was last updated in January 2010

Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchSecurity.in-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

A CIO's five-point plan for managing endpoint security

Niel Nickolaisen offers a five-point solution for managing endpoint security for the hyper-connected enterprise -- starting with data governance.
IT pros must be responsible for cloud data security needs

Although IT cedes some control by using public cloud, cloud data security ultimately falls on the organization -- not the vendor.
Research highlights speed, frequency of ICS security attacks

A new Trend Micro study using honeypots for research highlights an alarming number and variety of attempted ICS security breaches.

Articles

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

Research More Tech Terms

Search thousands of tech definitions
Browse tech definitions
Browse Alphabetically:
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Y
- Z
- #

Powered by WhatIs.com

File Extensions and File Formats

File Extension and File Formats List:

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
#

Powered by WhatIs.com

More from Related TechTarget Sites

CIO
Data Center
Business Intelligence
Security
SMB Security
Financial Security

CIO
- Indian health care needs IT boost
  
  Health care providers in India will spend 57 billion rupees on IT products and services in 2013 compared to 53 billion rupees spent in 2012.
- Indian enterprises invest in IT for growth
  
  In 2013, Indian CIOs increasingly will spend money on IT aimed at helping their business grow, according to a joint survey from the CIO Klub and Ernst & Young India.
- As IT pervades the enterprise, here comes the chief procurement officer
  
  The rise of the chief procurement officer raises questions about the role of IT.
Data Center
- Making mainframe technology hip again
  
  IBM keeps improving mainframe technology, but what is the long-term forecast for big iron as third-party tools decline and mainframe experts retire?
- Determining the best Linux distribution for your enterprise
  
  There are many flavors of Linux, making the selection process for the best Linux distribution for your business difficult to whittle down.
- Cloud critical to e-governance in India
  
  The Government of India is expanding e-governance throughout the country and is working on embracing cloud computing for it.
searchBusinessIntelligenceIN
- Exploring the 'Big Data Frontier'
  
  IT business strategist Harvey Koeppel draws on historical data to explore the 'Big Data Frontier' and its potential to profoundly change the world.
- Making mobile BI applications a reality: Key steps to take
  
  In a podcast, BI expert William McKnight discusses best practices and action items for managing deployments of mobile business intelligence tools.
- Get execs to get it on the business value a BI program can bring
  
  Backing from top executives can be crucial on business intelligence projects, and BI managers shouldn't shy away from the challenge of getting them on board.
Security
- IT certification guide: Vendor-specific information security certifications
  
  Experts Ed Tittel and Mary Lemons provide a 2013 overview of vendor-specific information security certifications available.
- Introduction: Vendor-neutral security certifications for your career path
  
  Ed Tittel and Mary Lemons offer the definitive primer for vendor-neutral security certifications in 2013.
- SearchSecurity.com's IT security certifications guide
  
  Afraid of making a wrong turn in your career? Our newly updated 2013 guide to information security certifications maps out all your options.
searchMidmarketSecurity
- Windows Phone 7 security: Assessing WP7 security features
  
  Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
- Choosing the best security certifications for your career
  
  Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
- Midmarket security tutorials
  
  SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge needed to deal with the increasingly challenging job of keeping their organizations secure.
searchFinancialSecurity
- PayPal CISO: Laws must foster better cybersecurity information sharing
  
  PayPal's Michael Barrett says many firms fear misuse of shared cybersecurity data. He also discusses the evolution of PCI DSS and mobile payment security.
- Cybergang plans to use Trojan against U.S. banks
  
  A cybergang in Eastern Europe revealed plans to attack U.S. banks with a Gozi-like Trojan, according to RSA.
- Improved Shylock Trojan targets banking users
  
  The latest variant of the banking Trojan is causing numerous problems, Symantec said.

All Rights Reserved,Copyright 2009 - 2013, TechTarget