Question:
Is a VPN a sort of Man-In-The-Middle attack (MITM)?
anonymous
2020-07-20 16:36:15 UTC
So, like the question says. We all know that a VPN is basically what masks your data traffic, but based on how I understand it, it's still you basically allowing a VPN service provider to take your information and then mask it before sending it on its way again to your desired destination. Yes, it does defend against OTHER MITMs but I still see it as an MITM. Now, I've read about this a bit, and some said that a VPN is a sort of MITM, whilst others (i.e. my teacher) said that it's not an MITM. Unless I'm not understanding what a VPN really is (I gave a very simple explanation above, by the way, I can go into more detail), one of us is wrong XD.

Your thoughts? Thank you! 
Four answers:
I Like Stories
2020-07-20 17:24:53 UTC
In a sense you are right, a VPN is a MiTM, but not an attack. A MiTM attack is when a device spoofs a service or website for malicious purposes directed at the end user. With a VPN you are tunneling the communication between you and the VPN server - that portion of the communication path is secured/hidden/encrypted. The portion of the communication between the VPN server and the target device is in the clear (not secured), but the target device is communicating with the IP address of the VPN server, not the end user's IP address.



When initially developed, the purpose of a VPN was to enable "remote users" to connect to a corporate network through the Internet. The VPN server connected to a corporate network on one side and the Internet on the other. This allowed workers who were not directly connected to the corporate network to access the corporate network services through the Internet. Then some enterprising nerds decided to start offering VPN as a pay-for service, allowing the VPN service's subscribers to mask their location and IP address from the services they were trying to access. A company like Netflix might view a VPN server as a MiTM because it allows someone to bypass copyright restrictions.
Cendol
2020-08-06 06:36:40 UTC
A VPN is like a MiTM but not an attack.

For example, when I use VPN Proxy Master, they secure my traffic through their heavily encrypted server.

They use bank-level AES 256 encryption to protect your online activities.

Not only that, a VPN also assigns a new IP address to you, so you will not be browsing the internet using your real IP address.



Totally different from a MiTM attack, where it spoofs traffic to push a malicious attack to the end user.
?
2020-07-20 20:38:17 UTC
It can be, if you don't know or trust the VPN owner.

Remember, you are making a connection to the VPN's network.

If they are based in another country, they may have different laws, and may not be trustworthy.
Robert J
2020-07-20 17:01:02 UTC
No. The nearest analogy is a postal accommodation address.



You send things to that with an extra "outer wrapper"; they remove the wrapper and post it, with their address set for the reply.



When they get a reply to you at that address, they add a wrapper addressed to your real address and send it on.



They never see inside the inner package or envelope if you are using https:// secure websites.

The encryption is end-to-end from your machine to the remote system, plus the encrypted VPN wrapper added between you and the VPN server.



The possibility of a man in the middle attack is no greater and no less than at any other router the data passes through between you and the remote site.
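
The wrapper analogy and the trust caveat from the answers above, modelled as an added example that is not part of any original answer: it shows what the VPN operator can read after removing the outer wrapper, with and without HTTPS inside. The SHA-256 XOR keystream is a toy stand-in for the real VPN and TLS ciphers, and every address, key and function name here is constructed for illustration.

```python
import hashlib
from dataclasses import dataclass

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream. Toy stand-in for VPN/TLS
    encryption (an assumption of this example); the same call decrypts."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

@dataclass
class Packet:
    src: str
    dst: str
    payload: bytes

# Constructed sample values (documentation address ranges, made-up keys).
CLIENT, VPN, SITE = "198.51.100.7", "203.0.113.10", "192.0.2.80"
VPN_KEY = b"client<->vpn tunnel key"    # known to the client and the VPN server
TLS_KEY = b"client<->site session key"  # known to the client and the website only

def client_send(request: bytes, https: bool) -> Packet:
    # Inner envelope: protected end-to-end only when the site uses HTTPS.
    body = toy_cipher(TLS_KEY, request) if https else request
    inner = f"{CLIENT}|{SITE}|".encode() + body
    # Outer wrapper: addressed to the VPN server, hides the inner header too.
    return Packet(CLIENT, VPN, toy_cipher(VPN_KEY, inner))

def vpn_forward(outer: Packet) -> Packet:
    # The VPN server removes the wrapper and learns the real destination.
    _src, dst, body = toy_cipher(VPN_KEY, outer.payload).split(b"|", 2)
    # It re-posts the inner packet with its own address as the source.
    return Packet(VPN, dst.decode(), body)

if __name__ == "__main__":
    request = b"GET /account?user=alice HTTP/1.1"  # constructed request
    for https in (True, False):
        outer = client_send(request, https)
        fwd = vpn_forward(outer)
        print(f"https={https}: network before VPN sees dst={outer.dst}; "
              f"VPN operator sees dst={fwd.dst} payload={fwd.payload!r}")
```

In both cases the VPN operator learns which site is contacted; only the HTTPS case keeps the request contents from it.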


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.