A close friend of yours watched a few episodes of a cybersecurity TV show and has become the resident expert on all things cybersecurity-related. They point out that you should never use public Wi-Fi as all traffic sent over the Wi-Fi network can be viewed by an attacker.
1) Do you agree with their assessment?
2) Which protocol sends data in cleartext? Which sends it encrypted?
3) What would happen if an attacker tries to passively view TLS encrypted traffic?
4) What would happen if an attacker actively tried to intercept TLS encrypted traffic? What is this attack called?
1.)
Yes, I agree with the assessment, as below are the risks in a public Wi-Fi:
- It might be spoofed. This means your network requests can be transferred to a different website where the data you have provided can be compromised.
- Generally, most people use the same password across multiple sites over the internet. If you sign in to a public Wi-Fi, it is possible that someone is having a silent look at your sign-in details and steals your password to get hold of many other websites.
2.)
FTP -> File Transfer Protocol
SNMP -> Simple Network Management Protocol
The above two establish connections with other machines by sending plain-text data, i.e. without encryption.
HTTPS -> Hyper Text Transfer Protocol Secure
SSL -> Secure Sockets Layer
The above two encrypt the data and then send it over the network.
3.)
In case the attacker is passively viewing the TLS packets, an IP spoofing attack can happen. In this type of attack, when a user tries to access a web URL, the information that the user sends to that URL is redirected to the attacker's defined address (maybe his URL or website). From this, he can get hold of my data, as my request never reached the actual URL but went to the SPOOFED URL.
4.)
In case the attacker is actively viewing the TLS packets, he can listen to or view the information being sent from my system to the URL where I am making some request.
ME ----------------> Server
Server ---------------> ME
(This has no issues.)
In case of active viewing or eavesdropping (secretly viewing):
ME --------------> Attacker -----------------> SERVER
(Before going to the actual destination, the request is intercepted by the attacker.) MAN IN THE MIDDLE ATTACK
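An added illustration for questions 2 and 3, not part of the original answer: the Python sketch below shows what someone who can only read bytes off the wire learns from a cleartext FTP login compared with a TLS record. The function names and both sample payloads are constructed for this example, and random bytes stand in for real ciphertext.

```python
import os
import struct

# TLS record content types (RFC 8446, section 5.1)
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}

def parse_tls_records(data: bytes):
    """Return [(type, version, length)] if data is whole TLS records, else None."""
    records, offset = [], 0
    while offset < len(data):
        if len(data) - offset < 5:          # a record header is 5 bytes
            return None
        ctype, major, minor, length = struct.unpack_from("!BBBH", data, offset)
        # Record-layer version on the wire is 3.0 to 3.3 (TLS 1.2 and 1.3 send 3.3)
        if ctype not in CONTENT_TYPES or major != 3 or minor > 3:
            return None
        if length > 2**14 + 2048 or offset + 5 + length > len(data):
            return None
        records.append((CONTENT_TYPES[ctype], f"3.{minor}", length))
        offset += 5 + length
    return records or None

def passive_view(data: bytes) -> dict:
    """Summarise what is visible to a party that only reads the captured bytes."""
    records = parse_tls_records(data)
    if records is not None:
        # Only the record headers are legible; the payload is ciphertext.
        return {"encrypted": True, "records": records, "readable": []}
    text = data.decode("ascii", errors="replace")
    return {"encrypted": False, "records": [],
            "readable": [line for line in text.splitlines() if line]}

# Constructed samples: an FTP login in cleartext, and one TLS application-data
# record whose 32-byte body is random data standing in for ciphertext.
FTP_SAMPLE = b"USER alice\r\nPASS example-password\r\n"
TLS_SAMPLE = b"\x17\x03\x03" + struct.pack("!H", 32) + os.urandom(32)

if __name__ == "__main__":
    for name, sample in (("FTP", FTP_SAMPLE), ("TLS", TLS_SAMPLE)):
        print(name, passive_view(sample))
```

The FTP capture yields the username and password as text, while the TLS capture yields only the record type, wire version and length.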