Anyone looking for a good reason to bolster their transport layer protection (encrypting data transported over the internet) should look no further than the WiFi Pineapple device, a wireless device which lets you test (or perform!) man-in-the-middle attacks. The device is described on Pineapple’s website as:
“A favorite amongst hackers, penetration testers and security enthusiasts. With a talented community of developers this open-source wireless auditing tool brings ease-of-use to man-in-the-middle.”
The pineapple can intercept data sent over a wireless internet connection when an HTTPS form is not fully protected by an SSL certificate and secure coding best practices – a man-in-the-middle attack.
Man-in-the-middle: “A man in the middle attack is one in which the attacker intercepts messages in a public key exchange and then retransmits them, substituting his own public key for the requested one, so that the two original parties still appear to be communicating with each other.” – Techtarget
The Pineapple device sits between a victim’s PC or Smartphone and a web-based resource they are accessing. The Pineapple then manages to inspect data transferred between the two.
The pineapple achieves this in one of two ways:
- A random wireless access is set up in a public place offering free WiFi. The victim connects to the network and then to the internet, where insufficiently encrypted data is sent and intercepted.
- The Pineapple uses its Jasager (German for “The Yes Man”) feature which responds to your device’s search for a recognized network:
What can I do?
The key to defending against Man-in-the-middle attacks is to follow best practice with regards to transport layer protection and the use of SSL certificates. If you are looking to sure up your transport layer protection, here’s a cheat sheet to get you started.
No comments yet.