Security questions

Can VPN's mitigate/thwart MiTM attacks?
I am using orbot vpn proxy, amongst others
was wondering if my packets are readable.
MiTM presuming the ISP server is comprised.

2.Can an email traced back to the sender via MAC(ISP),presuming a jacket sends an email via TOR or a hacked Wi-Fi connection etc.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

satishtech

Correction spelling it's attacker not jacket *

Nik 99

satishtech wrote: »

Can VPN's mitigate/thwart MiTM attacks?

Hi. Techexams technotes mention that any mutual authentication and encryption can mitigate a MiTM attacker. Tbh I don't really have enough knowledge myself to know what would actually happen, but I strongly doubt decent VPN technologies would easly allow an attacker to insert himself inbetween the two end points of the tunnel. Besides he won't be able to read the traffic he captures without the key. Any traffic a MiTM introduced would have to be in clear text I reckon since he doesn't have the key also. I imagine a good VPN would drop any such clear text traffic that was part of the communication.

TechExams.Net - Security+ TechNotes: Attacks

If anyone knows for certain, I'd also like to hear what would happen.

nisti2

As Nik 99 says if someone try to intercept the traffic over a VPN, the hacker will just see encripted traffic.

satishtech

Thank You for the response.
I an using the following options
for VPN
-Orbot proxy TOR
-Pepe DNS changer with VPN
and others like opera vpn etc,
which one would be the best.

orbot gives more granular control.
There is an option for bridging in orbot,
meant to be used if the ISP blocks TOR,
if enabled does this enhance security.

My other question in relation to MAC is in the scenario that I get an anonymous email, say with a class A IP address in the email header,usually happens when someone send an email via a mobile network, which tend to use NAT. There is no way to trace this as an individual.
Is it possible for cyber police to trace it via logs in the ISP or/and email server. MAC is restricted to the LAN, but accessing Router/Proxy server logs can IP be traced
to an Individual machine(MAC).

Nik 99

Can't help you with the VPN question. Way beyond what I know.

MAC address's shouldn't be an issue because they are restricted to LAN's. For each network a packet goes across the frame is removed and replaced with a new frame with a source and destination MAC that are only present within that network (Interface of the sending router and interface of receiveing router).