locked
MITM Attack RRS feed

  • Question

  • I see, to have had a MITM attack and WHS is asking me to check the integraty of the network, but everything seems fine, but still the message remains, how do I sort this.
    HMG
    Tuesday, November 10, 2009 9:43 AM

Answers

  • updated my antivirus, I think the attack was due to me setting up my old router
    HMG
    Wednesday, November 11, 2009 12:18 PM

All replies

  • Can we have some specifics as to the warning you're seeing (in the console, I assume), the attack itself, etc.? The most certain method of cleaning up the results will be to start with scanning all your home PCs for viruses and malware, using a tool other than your current AV/malware protection suite (if any). You want to use another tool because your current tool may have failed to detect and protect you, and so might not find some of the sequelae. Then I would move immediately to a server reinstallation, which will wipe the system partition.

    Man in the Middle attacks are something that all networks may be subject to; this is one reason why I advise very strongly against the use of protocols such as FTP or Remote Desktop (port 3389) from the internet straight to your server. Both protocols use an unencrypted channel for transmission of some control information.

    I'm not on the WHS team, I just post a lot. :)
    Tuesday, November 10, 2009 5:05 PM
    Moderator
  • updated my antivirus, I think the attack was due to me setting up my old router
    HMG
    Wednesday, November 11, 2009 12:18 PM