What is a " Man in the middle attack"?

Man-in-the-middle attack DescriptionThe man-in-the middle attack intercepts a communiion between two systems. For example, in an http transaction the target is the TCP connection between client and server. Using different techniques, the attacker splits the original TCP connection into 2 new connections, one between the client and the attacker and the other between the attacker and the server, as shown in figure 1. Once the TCP connection is intercepted, the attacker acts as a proxy, being able to rd, insert and modify the data in the intercepted communiion.
Figure 1. Illustration of man-in-the-middle attack

ARPPoisoning :-Address Resolution Protocol (ARP) spoofing, also known as ARP flooding, ARP poisoning or ARP PoisonRouting (APR),is a technique used to attack an Ethernet wired or wireless network. ARP Spoofing may allow an attacker to sniff data frames on a local ar network(LAN), .


Through this attack An Attacker can compromise victim machine & facebook,gmail,yahoo etc through online sessions even on Https ie ssl encryption without any certifie error .
i will use backtrack 5 to show you how to perform this attack with ssl encryption bypass on Lan computers
wait for my next tutorial:)