+ Reply to Thread
Results 1 to 6 of 6
  1. Senior Member
    Join Date
    Jan 2015
    Location
    kepler-452b
    Posts
    241

    Certifications
    MCSA 2003-Expired
    #1

    Default Security questions

    Can VPN's mitigate/thwart MiTM attacks?
    I am using orbot vpn proxy, amongst others
    was wondering if my packets are readable.
    MiTM presuming the ISP server is comprised.

    2.Can an email traced back to the sender via MAC(ISP),presuming a jacket sends an email via TOR or a hacked Wi-Fi connection etc.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Jan 2015
    Location
    kepler-452b
    Posts
    241

    Certifications
    MCSA 2003-Expired
    #2
    Correction spelling it's attacker not jacket *
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    May 2016
    Location
    UK
    Posts
    113

    Certifications
    A+, Network+, Sec+
    #3
    Quote Originally Posted by satishtech View Post
    Can VPN's mitigate/thwart MiTM attacks?
    Hi. Techexams technotes mention that any mutual authentication and encryption can mitigate a MiTM attacker. Tbh I don't really have enough knowledge myself to know what would actually happen, but I strongly doubt decent VPN technologies would easly allow an attacker to insert himself inbetween the two end points of the tunnel. Besides he won't be able to read the traffic he captures without the key. Any traffic a MiTM introduced would have to be in clear text I reckon since he doesn't have the key also. I imagine a good VPN would drop any such clear text traffic that was part of the communication.

    TechExams.Net - Security+ TechNotes: Attacks

    If anyone knows for certain, I'd also like to hear what would happen.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Feb 2014
    Posts
    220

    Certifications
    MS in Security Information, Sec+,A+, Server+, Network+, Certified Network Defense Profesional (CNDP), Certified Cybercrime Forensic Investigator
    #4
    As Nik 99 says if someone try to intercept the traffic over a VPN, the hacker will just see encripted traffic.
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Jan 2015
    Location
    kepler-452b
    Posts
    241

    Certifications
    MCSA 2003-Expired
    #5
    Thank You for the response.
    I an using the following options
    for VPN
    -Orbot proxy TOR
    -Pepe DNS changer with VPN
    and others like opera vpn etc,
    which one would be the best.

    orbot gives more granular control.
    There is an option for bridging in orbot,
    meant to be used if the ISP blocks TOR,
    if enabled does this enhance security.


    My other question in relation to MAC is in the scenario that I get an anonymous email, say with a class A IP address in the email header,usually happens when someone send an email via a mobile network, which tend to use NAT. There is no way to trace this as an individual.
    Is it possible for cyber police to trace it via logs in the ISP or/and email server. MAC is restricted to the LAN, but accessing Router/Proxy server logs can IP be traced
    to an Individual machine(MAC).
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    May 2016
    Location
    UK
    Posts
    113

    Certifications
    A+, Network+, Sec+
    #6
    Can't help you with the VPN question. Way beyond what I know.

    MAC address's shouldn't be an issue because they are restricted to LAN's. For each network a packet goes across the frame is removed and replaced with a new frame with a source and destination MAC that are only present within that network (Interface of the sending router and interface of receiveing router).
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks