A man in the middle attack is when an attacker is able to sit in the middle of your traffic and see your communication without you knowing.
Most man in the middle attacks occur when an attacker gets in the middle of you and another device. The attacker gets the information from you, looks at the info, and forwards it on to the intended destination device, all unknown to you or the destination device.
A common way to perform a man in the middle attack is via ARP poisoning. If ARP (Address Resolution Protocol) has no security, an attacker is able to sit in the middle. Normally, we know the IP of the device we want to communicate with, but not its MAC address. For example, suppose Computer A (with an IP of 192.168.5.5 and MAC address of c8:be:c8:a7:38:d5) wants to communicate with Router B (with an IP of 192.168.1.1 and MAC address of 00:09:5b:d4:bb:fe). Computer A will send out a broadcast to everyone on the network asking: if you have an IP address of 192.168.1.1, please send back your MAC address. Router B will see the broadcast and send back a response that its MAC is 00:09:5b:d4:bb:fe. Computer A receives this message and caches the info that IP 192.168.1.1 maps to MAC 00:09:5b:d4:bb:fe.
With ARP poisoning, there’s a third device, the attacker's, let’s say with an IP of 192.168.1.14 and a MAC of aa:bb:cc:dd:ee:f8. The attacker device sends an unsolicited ARP response to Computer A saying "I am 192.168.1.1 and my MAC is aa:bb:cc:dd:ee:ff." Computer A then changes its ARP cache to say that 192.168.1.1 now maps to MAC address aa:bb:cc:dd:ee:ff. The attacker device could also poison the ARP cache of Router B. Now the attacker device sits between the traffic of Computer A and Router B. Computer A and Router B will still be able to communicate with each other, but their traffic is unknowingly passing through the attacker device in between them.
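From the defender's side, the poisoning described above shows up as an ARP reply nobody asked for and as an IP whose MAC suddenly changes. The following is an added example, not part of the original page: a small detector that parses raw ARP payloads and flags both signs. The `ArpWatch` class, the helper names and the sample packets are constructed for illustration (using the addresses from the text), and it assumes the sensor sees both requests and replies, for example running on Computer A itself.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"  # 28-byte ARP payload for Ethernet/IPv4 (RFC 826)
REQUEST, REPLY = 1, 2

def parse_arp(payload):
    """Return (opcode, sender_mac, sender_ip, target_ip) from a raw ARP payload."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, oper, sha, spa, _tha, tpa = struct.unpack(ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP payload")
    mac = ":".join(f"{b:02x}" for b in sha)
    return oper, mac, socket.inet_ntoa(spa), socket.inet_ntoa(tpa)

class ArpWatch:
    def __init__(self):
        self.bindings = {}    # ip -> first MAC seen for that IP
        self.pending = set()  # IPs for which a who-has request was seen

    def observe(self, payload):
        """Feed one ARP payload; return a list of alert strings (empty if clean)."""
        oper, mac, ip, target_ip = parse_arp(payload)
        alerts = []
        if oper == REQUEST:
            self.pending.add(target_ip)
        elif oper == REPLY:
            if ip not in self.pending:
                alerts.append(f"unsolicited reply: {ip} is-at {mac}")
            self.pending.discard(ip)
        known = self.bindings.setdefault(ip, mac)
        if known != mac:
            alerts.append(f"binding change: {ip} was {known}, now {mac}")
        return alerts

def build_arp(oper, sha, spa, tha, tpa):
    """Build a constructed sample payload in memory (nothing is sent)."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, raw(sha),
                       socket.inet_aton(spa), raw(tha), socket.inet_aton(tpa))

def run_sample():
    """Replay the scenario from the text: request, genuine reply, forged reply."""
    a_mac, a_ip = "c8:be:c8:a7:38:d5", "192.168.5.5"
    packets = [  # constructed sample input
        build_arp(REQUEST, a_mac, a_ip, "00:00:00:00:00:00", "192.168.1.1"),
        build_arp(REPLY, "00:09:5b:d4:bb:fe", "192.168.1.1", a_mac, a_ip),
        build_arp(REPLY, "aa:bb:cc:dd:ee:ff", "192.168.1.1", a_mac, a_ip),
    ]
    watch = ArpWatch()
    return [watch.observe(p) for p in packets]
```

Calling `run_sample()` returns one alert list per packet; only the third packet, the forged reply, produces alerts.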
To mitigate risks of man in the middle attacks, use encrypted protocols such as HTTPS and SSH.
In addition to encrypting at the application level, you can have all communication go through a secure channel via a client-based VPN. Even if someone sits in the middle, they wouldn’t be able to view the information because it’s encrypted.
Also use encrypted wireless networks to help mitigate a man in the middle attack.