Security Breach: What is a « Man-in-the-Middle Attack »?

A Man-in-the-Middle (MitM) attack is the interception, by a third party, of data in transit between different users, and especially between a server and a user. The consequences can be serious, since the attacker can decrypt all communications between users and a server. Passwords, personal data and personal contact information are then at the mercy of hackers, and malware can also be installed. More than a third of websites are vulnerable to this type of flaw.

For several months now, names such as Heartbleed, Ghost, Poodle, Freak, Logjam and Drown (some of them acronyms) have appeared to designate the various security flaws related to the transit and encryption of data. More specifically, these flaws affect servers that transmit encrypted data over the SSL (Secure Sockets Layer) or TLS (Transport Layer Security) protocols, i.e. HTTPS, IMAP, SMTP, FTPS and similar servers. These servers provide secure access to a web platform through a web browser.

More information on: https://drownattack.com/

What action can be taken to avoid these attacks?

These flaws result from vulnerabilities in « encryption toolboxes » and their libraries, such as OpenSSL. New flaws, of varying severity, are constantly being detected, hence the regular updates to these toolboxes. This means that experts only need to apply the necessary updates. Alert systems, such as Debian's, constantly report security vulnerabilities so that the best patches can be provided and/or the vulnerabilities fixed.
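Alongside applying updates, an administrator can check that the legacy protocol versions and export-grade ciphers these named flaws depend on are no longer enabled. The following Python sketch is an added example, not part of the original article; it goes slightly beyond the text by auditing configuration as well as reporting the linked OpenSSL version, and the function names `context_protocols` and `audit` are hypothetical.

```python
import ssl

# Protocol versions the named flaws depend on (DROWN: SSLv2, POODLE: SSLv3),
# plus TLS 1.0/1.1, which current guidance also retires.
LEGACY_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
# Tokens in OpenSSL cipher names marking export-grade or broken suites
# (FREAK and Logjam depend on export-grade RSA / DHE key exchange).
WEAK_TOKENS = {"EXP", "EXPORT", "NULL", "RC4", "DES", "MD5", "ADH", "AECDH"}
_ORDER = [ssl.TLSVersion.SSLv3, ssl.TLSVersion.TLSv1, ssl.TLSVersion.TLSv1_1,
          ssl.TLSVersion.TLSv1_2, ssl.TLSVersion.TLSv1_3]


def context_protocols(ctx):
    """Protocol names inside the context's configured min/max range.
    This is the configured policy; the OpenSSL build may support fewer."""
    lo, hi = ctx.minimum_version, ctx.maximum_version
    return [v.name.replace("_", ".") for v in _ORDER
            if v >= lo and (hi == ssl.TLSVersion.MAXIMUM_SUPPORTED or v <= hi)]


def audit(protocols, ciphers):
    """Return findings for a list of enabled protocol and cipher names."""
    findings = [f"legacy protocol enabled: {p}"
                for p in protocols if p in LEGACY_PROTOCOLS]
    for name in ciphers:
        # Split the cipher name into tokens so "DES" does not match "ECDHE".
        hits = WEAK_TOKENS & set(name.replace("_", "-").split("-"))
        if hits:
            findings.append(f"weak cipher: {name} ({', '.join(sorted(hits))})")
    return findings


if __name__ == "__main__":
    # The library version shows whether the latest updates have been applied.
    print("Linked library:", ssl.OPENSSL_VERSION)
    ctx = ssl.create_default_context()
    names = [c["name"] for c in ctx.get_ciphers()]
    for line in audit(context_protocols(ctx), names) or ["no findings"]:
        print(line)
    # Constructed sample of a legacy server configuration:
    print(audit(["SSLv3", "TLSv1.2"],
                ["EXP-RC4-MD5", "ECDHE-RSA-AES128-GCM-SHA256"]))
```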