It can be quite difficult to determine whether you are the victim of a Man in the Middle attack.
Eavesdropping is a common Man in the Middle attack type in which communication between two parties is relayed to record the data that is transferred between both parties.
SSL Eye is a free software program for Windows that provides you with a set of tools that help you determine whether you are the victim of a Man in the Middle attack.
The main idea behind the program is to use independent servers to query websites you are communicating with to determine their SSL fingerprint and compare it against the SSL fingerprint that your computer gets when you run the same query.
The program has two main modes of operation. You may query a single website at any time to get SSL fingerprint information and a couple of other information, or use the bulk queue tool to check multiple websites instead.
To check a single site, simply type its address into the form at the top. It needs to be noted that this works only on https sites and not http sites.
Once you have entered the address hit the run button to start the scan. SSL Eye queries servers in several countries including Germany, the UK and US, and displays host IP and SSL fingerprint results afterwards.
All that is left to do is check the fingerprints against the local fingerprint. If you got at least one match, you are not the victim of a Man in the Middle attack.
The program checks for perfect forward secrecy as well and some other values. Perfect Forward Secrecy is indicated with a green checkmark, the other values, connection encryption, key exchange, message authentication and issued by are listed when you select a server from the listing.
The multiple websites query tool works the same but allows you to load addresses in bulk instead. Just click load, select the predefined websites or a custom listing and hit scan afterwards.
The program scans all sites and displays the same information that it displays when you query a single site.
The application comes with two keyboard shortcuts to scan addresses selected in other programs. Copy a single address to the clipboard and hit Ctrl-Shift-S to have it scanned by the program. While you don't get to see the scan itself, you will receive a small overlay that tells you if your connection to that site is secure.
SSL Eye is a handy program for Windows as it provides you with a tool to check secure connections against Man in the Middle attacks. While it is not automated, it may be useful at times when you want to make sure the connection is secure.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.