The monkey in the middle attacks

Denis Ducamp

1. The monkey in the middle attacks

2. Introduction

3. dsniff, the tool box

4. Dug Song

5. sshmitm

6. webmitm

7. dsniff

8. Other tools

9. Libraries

10. Why does this work ?

11. SSHv1

12. SSHv2

13. HTTPS

14. Signs of an attack ?

15. SSH

16. HTTPS

17. HTTPS (bad certificate 1/2)

18. HTTPS (bad certificate 2/2)

19. HTTPS (unknown authority 1/2)

20. HTTPS (unknown authority 2/2)

21. How to protect himself ?

22. SSH

23. What doesn't work against sshmitm

24. HTTPS

25. What doesn't work against webmitm

26. Conclusion

27. References

28. Thanks for your attention