How to prevent (or warn) man in the middle attack? (Mendix application hosted in the Mendix Cloud)

0
We want to give a warning to the user (or block his login) when there is a MITM that is trying to intercept traffic when someone is connected with an open Wi-Fi. Is it possible to detect "MITM" by JavaScript in a browser, or do I have to do something with a certificate? We host an application in the Mendix Cloud and a pentester discovered that it is possible to do packet 'sniffing' and intercept data. We also use a hybrid PhoneGap app. Do I also have to add something to the config.xml of the PhoneGap package to do this check for the hybrid app? Or is it enough to use a certificate? Thanks for your help. Regards Cillus
asked
2 answers
1

If you deploy in the Mendix Cloud, you are connecting over https: the Mendix cloud does not allow http connections. This prevents man-in-the-middle attacks. Furthermore, since the connection is encrypted, packet sniffing on the network can't be done (well, you can sniff the packets, but you can't decrypt them). I would be suspicious, although intrigued, by a pentester who made those claims and I would double check his claims.


Furthermore, since I would classify this as a security risk, I would escalate this to Mendix and let them solve it, instead of looking for advice on the forums.

answered
0

There is an SSL certificate checker for PhoneGap.
See:

https://github.com/EddyVerbruggen/SSLCertificateChecker-PhoneGap-Plugin

I can try to implement this.


answered