Dimitri
Reputation: 1
How to protect WebRTC from MitM attack?
I am working on a PoC with WebRTC for static assets, and discovered it could be hacked with a MitM : https://webrtchacks.com/webrtc-and-man-in-the-middle-attacks/. Is there a way to prevent WebRTC from such an attack ?
Upvotes: 0
Views: 400
Answers (1)
Tsahi Levent-Levi
Reputation: 2386
Note that the post starts by compromising the signaling server. You can safely assume that if the signaling server is compromised everything goes down the drain. The reason for that, is that at the end of the day you need to trust some kind of an entity to broker the communication and that's the signaling server.
Only thing you need to do to protect against such an attack is to protect your signaling server - something quite common in the web today.
Upvotes: 1
Related Questions
- Why is WebRTC encrypted?
- How can I implement own webrtc server in my project?
- Is there a way to tap/intercept a webrtc detection to prevent ip leak without disabling webrtc?
- How to reject WebRTC call
- Is webrtc vulnerable to network attack?
- Mitm Attack on WebRtc
- WebRTC and security - intercepting connections?
- WebRTC: Conflict with HTTPS mode in SimpleWebRTC
- WebRTC shim for browsers that don't support WebRTC