On-path attacks, formerly known as man-in-the-middle attacks, are some of the most dangerous network threats. In this episode, we explain how attackers insert themselves into the communication path between devices to intercept, modify, or impersonate data. You’ll learn about ARP spoofing, rogue gateways, and SSL stripping—each with their own vector and risk level. These attacks are difficult to detect and often used in credential theft or session hijacking.

We also cover DNS poisoning (or cache poisoning), which manipulates DNS resolution to redirect users to malicious servers. We discuss how attackers poison recursive resolvers and how DNSSEC (Domain Name System Security Extensions) helps prevent these types of attacks. This episode prepares you to identify, prevent, and respond to one of the most subtle yet devastating types of network compromise.