MITM suspicion. How to identify intervening computers/network/server and bypass?

Discussion in 'other security issues & news' started by Thelps, May 13, 2018.

  1. Thelps

    Thelps Registered Member

    Joined:
    Apr 1, 2012
    Posts:
    46
    Been suspicious for a while now that someone has engineered a 'Man-In-The-Middle'-type communications-interception between this computer and its ISP.

    How could I identify the intervening network that is intercepting and adulterating data and bypass it?

    VPNs don't seem to be an effective option, as if they're persistent enough to MITM these communications, then they'll be willing to decipher encryption.

    Your assistance much appreciated.
     
  2. SouthPark

    SouthPark Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    737
    Location:
    South Park, CO
  3. guest

    guest Guest

    try SSL-Eye
     
  4. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,402
    This is a great solution IF the OP understands why it's the way to go. OP seems to dismiss the VPNs as a way to secure and be certain a MITM is removed (assuming it's there at all). The VPN (if it's any good at all) will publish the client fingerprint during connection. There is no way a MITM can produce those fingerprints. During connection you can view the process and confirm the fingerprint is a match. Once connected, the VPN client and your firewalls can be CERTAIN that no traffic comes in or out of the machine except through the VPN. I go as far as to only allow one specific "off beat" port and only using one specific protocol as well. All else is blocked and doesn't exist at all. You can isolate your network, but of course operator error can always be presented by inexperienced "click all" users if you have those on the network. You can control those too but it's outside of the OP's initial question.
     
  5. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    Here's a good article on MITM: https://securitygladiators.com/man-in-the-middle-attacks/

    Remember that Chrome, Firefox, and Opera all support public key pinning i.e. PKP which automates the GRC fingerprinting manual check. Also as noted in the article, VPNs do provide excellent protection against MITM interception.

    EMET had a certificate pinning feature that allowed IE the same capability although setup was burdensome and it only alerted to such activity and did not block the connection. Since EMET is no longer supported in Win 10, "you're left blowing in the wind" as far as IE and Edge go in this regard.
     
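    The manual fingerprint check that Palancar and itman describe, written out as an added example (this is not code from the thread or from any VPN vendor): fetch the certificate the remote end actually presents, compute its SHA-256 fingerprint, and compare it in constant time against the fingerprint the operator published out of band. The host and pin are placeholders you supply; `fetch_peer_cert_der` and `check_host` are names chosen here, not library functions.

```python
import hashlib
import hmac
import ssl


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, in the
    colon-separated upper-case form that browsers and GRC display."""
    digest = hashlib.sha256(cert_der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize_pin(pin: str) -> str:
    """Accept 'AB:CD:..', 'ab:cd:..' or 'abcd..' and return bare upper-case hex."""
    return "".join(ch for ch in pin.upper() if ch in "0123456789ABCDEF")


def verify_pin(cert_der: bytes, expected_pin: str) -> bool:
    """True only if the presented certificate matches the out-of-band pin.
    A mismatch means the certificate you received is not the one the
    operator published, which is the interception signal the thread is about."""
    expected = normalize_pin(expected_pin)
    if len(expected) != 64:
        raise ValueError("expected pin must be a SHA-256 fingerprint (32 bytes)")
    presented = normalize_pin(fingerprint(cert_der))
    # Constant-time comparison; a plain == is fine here too but this is the habit.
    return hmac.compare_digest(presented, expected)


def fetch_peer_cert_der(host: str, port: int = 443) -> bytes:
    """Retrieve the leaf certificate the remote end presents. Chain validation
    is deliberately skipped: the pin comparison is the trust decision, and a
    MITM with a CA-signed certificate would pass ordinary validation anyway."""
    pem = ssl.get_server_certificate((host, port))
    return ssl.PEM_cert_to_DER_cert(pem)


def check_host(host: str, expected_pin: str, port: int = 443) -> bool:
    """Connect to host:port and report whether the presented cert matches the pin."""
    return verify_pin(fetch_peer_cert_der(host, port), expected_pin)


if __name__ == "__main__":
    import sys
    # usage: python pincheck.py <host> <published-sha256-fingerprint>
    target, pin = sys.argv[1], sys.argv[2]
    if check_host(target, pin):
        print(f"{target}: pin matches")
    else:
        print(f"{target}: PIN MISMATCH - certificate differs from the published one")
```

    Run it from two different networks (home, mobile tethering) and compare: a fingerprint that matches the published pin everywhere except on the suspect link points at that link.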
  6. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.