What is Man-in-the-Middle Attack?
Turkish: MITM Saldırısı
A MITM attack intercepts traffic between two parties so an attacker can read, alter, or redirect communication without consent.
What is a Man-in-the-Middle Attack?
A MITM attack happens when an attacker places themselves between a user and the system the user thinks they are communicating with. It is not a useful feature; it is a confidentiality and integrity risk.
How Does It Happen?
An attacker may create a fake Wi-Fi network, use ARP spoofing on a local network, tamper with DNS responses, or trick a user into accepting a fraudulent certificate. If successful, the attacker may read passwords, session cookies, payment data, or API traffic. In some cases, they can also alter responses and guide the user toward a harmful action.
How to Reduce the Risk
Strong SSL/TLS configuration, HSTS, never disabling certificate validation, secure cookie settings, DNS protections, patched devices, and caution on untrusted networks are baseline controls. Certificate pinning can reduce some risks in mobile apps, but it requires an operational plan for certificate rotation.
For teams working outside the corporate network, a VPN can help protect traffic. It is not enough by itself; user training, MFA, and endpoint security should be part of the same defense model.
Related Terms
Phishing tricks users with fake messages or sites to steal passwords, payment data, or approval for unauthorized actions.
SSL/TLS (Secure Sockets Layer / Transport Layer Security)SSL/TLS is the protocol family that provides identity checks, key agreement, and encrypted data transfer between clients and servers.
VPN (Virtual Private Network)A VPN creates an encrypted tunnel between a device and a target network, protecting traffic and enabling private access.