312-50V10 · Question #648
Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively inte
The correct answer is B. Man-in-the-middle. The Dsniff toolkit enables man-in-the-middle attacks by transparently intercepting traffic and relaying it between two parties, with neither endpoint detecting the intrusion.
Question
Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two. What would you call this attack?
Options
- AInterceptor
- BMan-in-the-middle
- CARP Proxy
- DPoisoning Attack
How the community answered
(54 responses)- A6% (3)
- B89% (48)
- C4% (2)
- D2% (1)
Why each option
The Dsniff toolkit enables man-in-the-middle attacks by transparently intercepting traffic and relaying it between two parties, with neither endpoint detecting the intrusion.
'Interceptor' is not a recognized standard attack classification; the complete described behavior - interception, credential establishment with both sides, and transparent relay - maps precisely to the man-in-the-middle category.
A man-in-the-middle attack involves an attacker establishing independent connections with each communicating party and relaying traffic between them so neither detects the intrusion. Dsniff tools such as sshmitm and webmitm achieve exactly this by intercepting credentials and session data while maintaining transparent communication with both endpoints.
ARP Proxy is a legitimate network technique where a router answers ARP requests on behalf of another host to enable routing, and is not itself an attack classification for this scenario.
A poisoning attack such as ARP or DNS poisoning describes only the technique used to redirect traffic toward the attacker, not the overall attack being conducted once that position is established.
Concept tested: Man-in-the-middle attack using Dsniff toolkit
Source: https://csrc.nist.gov/glossary/term/man_in_the_middle_attack
Topics
Community Discussion
No community discussion yet for this question.