I have a question about whether MITM works across remote systems. I often do internal penetration tests, but I'm not sure how to do a MITM attack when I am outside that network. Does classic ARP+DNS spoofing work across remote systems?

Abdulla

1 Answer

It depends on what type of MitM attack you're working with.

  • ARP Poisoning - This only works when you have an Ethernet connection on the LAN, since it works by spoofing identities using OSI Layer 2 technologies, ARP MAC-to-IP bindings. This seems to be the type of attack you are familiar with.
  • BGP Redirection - This works on the Internet since it involves affecting IP routes in the IP routing protocol, Border Gateway Protocol. In this case, you can get other autonomous systems (groups of networks in the world) to think your router hosts the true path to a segment. See this article with several historical examples.
  • Other attacks not exploiting weaknesses in a protocol - It is considered a "Man in the Middle" when traffic is intercepted while in transit. This could involve application weaknesses, altered DNS settings, etc. Some of these may work only on an intranet, others on a global scale.
armani