The WS-Discovery specification explains how to protect your network from

  1. Message alteration
  2. Denial of service
  3. Replay
  4. Spoofing

But what about a man-in-the-middle attack?

A: 

As far as I understand, the "message alteration" mitigation, that is, signing the messages, is protecting the interaction from a man-in-the-middle attack. If you can verify the source of the message and its authenticity by the sender's unique signature, then anyone trying to pretend to be a legitimate sender won't be able to do so.

Disclaimer: I am not security expert.

Igal Serban

A: 

The idea behind a Man in the Middle Attack (Wikipedia.org) is that your network is compromised and the attacker can intercept, view, and modify traffic between all members. The most basic step towards preventing this is to encrypt the network with WPA (at the minimum) and keep the access points locked down. Your goal should be to first prevent an attacker from getting into the network. The second layer of defense you could employ is to use some form of encryption for all the traffic between parties on the network (perhaps something other than public/private) so even if the network is compromised, the traffic will still not be intelligible to the attacker.

Disclaimer: I am also not a security expert.

A: 

WS-Security secures that when you sign the message, as it uses the private key to encrypt and then the recipient decrypts using the public key; so a man in the middle won't be able to interfere.

Hector
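
The receiver-side check that the answers about signing describe, combined with the replay check from the question's list, as an added example that is not part of the thread or of the WS-Discovery specification. Ed25519 and the `Msg` and `Receiver` types are assumptions standing in for the spec's XML signature format, and all message contents are constructed.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
	"time"
)

var ErrBadSig, ErrStale, ErrReplay = errors.New("bad signature"), errors.New("stale timestamp"), errors.New("replayed message ID")

// Msg is a constructed stand-in for a signed discovery announcement.
type Msg struct {
	ID, Body string
	Sent     time.Time
	Sig      []byte
}

func (m Msg) payload() []byte { // the exact bytes the signature covers
	return []byte(fmt.Sprintf("%q|%d|%q", m.ID, m.Sent.Unix(), m.Body))
}

// Receiver trusts one sender key and remembers the message IDs it accepted.
type Receiver struct{ Trusted ed25519.PublicKey; MaxAge time.Duration; Seen map[string]bool }

// Accept checks the signature first, then freshness, then uniqueness.
func (r *Receiver) Accept(m Msg, now time.Time) error {
	switch age := now.Sub(m.Sent); {
	case !ed25519.Verify(r.Trusted, m.payload(), m.Sig):
		return ErrBadSig // altered in transit, or not signed by the trusted key
	case age < 0 || age > r.MaxAge:
		return ErrStale // bounds how long Seen has to remember an ID
	case r.Seen[m.ID]:
		return ErrReplay // a verbatim copy still carries a valid signature
	}
	r.Seen[m.ID] = true
	return nil
}

// Demo feeds constructed messages to one receiver and returns each verdict.
func Demo() []error {
	pub, priv, _ := ed25519.GenerateKey(nil)
	r, now := &Receiver{pub, 30 * time.Second, map[string]bool{}}, time.Now()
	hello := Msg{ID: "urn:uuid:constructed-0001", Body: "XAddrs=http://192.0.2.10/svc", Sent: now}
	hello.Sig = ed25519.Sign(priv, hello.payload())
	altered := Msg{hello.ID, "XAddrs=http://192.0.2.66/svc", now, hello.Sig} // body rewritten on path
	return []error{r.Accept(altered, now), r.Accept(hello, now), r.Accept(hello, now), r.Accept(hello, now.Add(time.Minute))}
}
func main() { fmt.Println(Demo()) }
```

The signature gives integrity and sender authenticity only: an on-path party can still read or drop the message, and the receiver must already hold the sender's genuine public key for the check to mean anything.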