Man-in-the-middle attacks are difficult to protect against. The attack happens outside of the victim's controlled environment, and when executed properly, doesn't leave an obvious signature that alert the victims involved. MITM is typically the first step of a more sinister attack such as SSL strip. One common way to protect against MITM is ensuring websites use SSL/TLS 3.0. In other words, make sure the websites are accessed using HTTPS or HTTP secure connections. Verifying HTTPS is not as easy as looking for a little green address bar with a lock symbol, because attackers can serve victims certificates to make it appear like the session is secure.

To properly test a HTTP session, examine the certificate and look at the ...