Contact Us

Virtually all network communications are susceptible to what are known as "Man-in-the-Middle" (Man-in-the-middle) attacks. The name describes the nature of the vulnerability fairly well - some entity is able to intercept the communications between two other entities and either change what the communicating entities receive, or take advantage of the intercepted information.

But I use Encryption!

Some Man-in-the-middle attacks can be mitigated by encrypting the messages, adding some form of unalterable authentication to the messages, or both. Protocols such as IPsec, SSL, TLS, and ssh are examples where such mitigation has been formalized and widely implemented. Other Man-in-the-middle attacks occur at layers that have no protection available, such as the classic "Ping of death" which can cause TCP/IP stacks to fail. Such attacks are only mitigated by careful programming and stress testing at extremes.

But we Never Tested Under Real-world Conditions!

Those who invent and even implement such protocols need to be able to test their creations in near real-world conditions. This includes protocol stack writers, equipment vendors, and application developers. All need to be mindful of these attacks and should try to perform some due diligence to validate that their communications are either not easily subverted by Man-in-the-middle attacks, or measuring and objectively reporting the extent to which they are open to such attacks.

Maxwell Pro is designed to perform Man-in-the-middle attacks under real-world conditions. It is in fact placed literally "in-the-middle" and can be programmed to perform many sorts of probes and alterations of transiting packets in a stateful manner. It provides both a simple script language that allows quick and easy packet alteration (via our "Alter" impairment) from a GUI - and a more sophisticated interface allowing a user to write C or C++ modules to alter or spy on packet traffic. A few simple Man-in-the-middle scenarios are included as examples in the standard Maxwell Pro product.

What about SSL and TLS?

Another example of an already available Man-in-the-middle module is one that tests the robustness and conformance of the TLS 1.2 protocol. This is available as an extension to the TCP/IP test suite, which is implemented as a Man-in-the-middle module. In fact almost all the TCP/IP test suite tests can be run as Man-in-the-middle attacks (such as "Ping of death".)

Want to know more about Man-in-the-Middle attacks?


SSL Security Flaw in iOS

Technical Details

Not sure what you need?