Security questions

satishtechsatishtech Posts: 243Member
Can VPN's mitigate/thwart MiTM attacks?
I am using orbot vpn proxy, amongst others
was wondering if my packets are readable.
MiTM presuming the ISP server is comprised.

2.Can an email traced back to the sender via MAC(ISP),presuming a jacket sends an email via TOR or a hacked Wi-Fi connection etc.

Comments

  • satishtechsatishtech Posts: 243Member
    Correction spelling it's attacker not jacket *
  • Nik 99Nik 99 Posts: 152Member
    satishtech wrote: »
    Can VPN's mitigate/thwart MiTM attacks?

    Hi. Techexams technotes mention that any mutual authentication and encryption can mitigate a MiTM attacker. Tbh I don't really have enough knowledge myself to know what would actually happen, but I strongly doubt decent VPN technologies would easly allow an attacker to insert himself inbetween the two end points of the tunnel. Besides he won't be able to read the traffic he captures without the key. Any traffic a MiTM introduced would have to be in clear text I reckon since he doesn't have the key also. I imagine a good VPN would drop any such clear text traffic that was part of the communication.

    TechExams.Net - Security+ TechNotes: Attacks

    If anyone knows for certain, I'd also like to hear what would happen.
  • nisti2nisti2 Posts: 480Member ■■■■□□□□□□
    As Nik 99 says if someone try to intercept the traffic over a VPN, the hacker will just see encripted traffic.
    2019 Year goals:
    AWS Cloud Practitioner
    Willing to take: ITIL Foundation, 70-410
    "Certs... is all about IT certs!"
  • satishtechsatishtech Posts: 243Member
    Thank You for the response.
    I an using the following options
    for VPN
    -Orbot proxy TOR
    -Pepe DNS changer with VPN
    and others like opera vpn etc,
    which one would be the best.

    orbot gives more granular control.
    There is an option for bridging in orbot,
    meant to be used if the ISP blocks TOR,
    if enabled does this enhance security.


    My other question in relation to MAC is in the scenario that I get an anonymous email, say with a class A IP address in the email header,usually happens when someone send an email via a mobile network, which tend to use NAT. There is no way to trace this as an individual.
    Is it possible for cyber police to trace it via logs in the ISP or/and email server. MAC is restricted to the LAN, but accessing Router/Proxy server logs can IP be traced
    to an Individual machine(MAC).
  • Nik 99Nik 99 Posts: 152Member
    Can't help you with the VPN question. Way beyond what I know.

    MAC address's shouldn't be an issue because they are restricted to LAN's. For each network a packet goes across the frame is removed and replaced with a new frame with a source and destination MAC that are only present within that network (Interface of the sending router and interface of receiveing router).
Sign In or Register to comment.