1 00:00:00,180 --> 00:00:07,290 Now, let's talk about sition hijacking and men in the middle attack when you are connected to the Internet. 2 00:00:07,440 --> 00:00:13,290 Your computer has a lot of small back and front transaction with servers around the world, letting 3 00:00:13,290 --> 00:00:20,690 them know who you are and what type of specific websites or service you are requesting for in return. 4 00:00:20,820 --> 00:00:27,420 If everything goes as it should, the Web server should respond to your request by giving you the information 5 00:00:27,540 --> 00:00:28,560 you are accessing. 6 00:00:28,980 --> 00:00:35,100 This process or recession happens whether you are simply browsing or when you are logging into a website 7 00:00:35,100 --> 00:00:36,840 with your username and password. 8 00:00:37,590 --> 00:00:44,130 Dushan, between your computer and the remote web server is given a unique schneid which should stay 9 00:00:44,130 --> 00:00:45,990 private between the two parties. 10 00:00:46,140 --> 00:00:53,580 However, an attacker can hijack a decision by capturing the schneid and posing as the computer, making 11 00:00:53,580 --> 00:01:01,830 a request which allows them to log in as an unsuspecting user and gain access to unauthorized information 12 00:01:01,830 --> 00:01:02,850 on the Web server. 13 00:01:03,810 --> 00:01:08,100 There are no number of matter and attacker can use to steal discretion. 14 00:01:08,100 --> 00:01:16,440 ID, for example, Crossette scripting attack can also be used to hijack an I.D. and attacker can also 15 00:01:16,440 --> 00:01:22,470 opt to hijack discretion to insert themselves between the requesting computer and the remote server 16 00:01:22,710 --> 00:01:25,690 by pretending to be the other party in this. 17 00:01:26,520 --> 00:01:33,300 This allows them to encrypt information in what direction this matter is commonly called. 18 00:01:33,300 --> 00:01:40,800 As a man in the middle attack, a man in the middle attack is a gender term for when an attacker positions 19 00:01:40,800 --> 00:01:46,950 himself in a conversation between a user and application by making it appear as if a normal exchange 20 00:01:46,950 --> 00:01:48,520 of information is under way. 21 00:01:49,050 --> 00:01:55,200 The goal of an attack is to steal personal information such as login credentials, a candidate and credit 22 00:01:55,200 --> 00:01:56,370 card numbers, etc.. 23 00:01:56,820 --> 00:02:03,000 Targets are typically the users of financial application sites, businesses, e-commerce sites and other 24 00:02:03,000 --> 00:02:05,430 websites where logging in is required. 25 00:02:06,030 --> 00:02:12,660 Information obtained during an attack could be used for many purposes, including identity theft, unapproved 26 00:02:12,660 --> 00:02:15,360 phone transfer or an illicit password change. 27 00:02:16,310 --> 00:02:23,510 Broadly speaking, a man in the Middle East equivalent of a mailman opening your bank statement, writing 28 00:02:23,510 --> 00:02:28,460 down your account details and then reselling the envelope and delivering it to your door. 29 00:02:29,300 --> 00:02:36,260 There are some practical tips to prevent the man in the middle attack, such as a wider Wi-Fi connection 30 00:02:36,260 --> 00:02:38,120 that are not password protected. 31 00:02:38,570 --> 00:02:44,780 The next one is log out immediately from a secure application when it is not in use. 32 00:02:45,260 --> 00:02:52,790 The third one is not to use public networks such as coffee shop and hotel by white when conducting sensitive 33 00:02:52,790 --> 00:02:54,640 transactions, etc.. 34 00:02:55,100 --> 00:03:01,850 Let's better understand why this image in a successful man in the middle of a tech user of one's computer 35 00:03:01,850 --> 00:03:05,750 thinks it is talking to users, computer and user does. 36 00:03:05,750 --> 00:03:08,600 Computer thinks it is talking to users computer. 37 00:03:08,900 --> 00:03:12,730 But the network traffic is diverted by a attacker. 38 00:03:13,010 --> 00:03:21,110 So whatever the information transfer between user one and user two is passed through the attackers computer 39 00:03:21,110 --> 00:03:21,650 system.