CIP Cyber

WiFi Killer-FireSheep

Table of Contents

Security researcher always warned people about the bug and vulnerability of public networks and unencrypted services, life changes every day the new day come with some new vulnerability.

As you know that when you logging into a website your enter your user-name and password and then the server check your submitting user-name and password with their record and than assign you a cookies for your browser to get connected with server, what happen when you are logging and someone will get your cookies and use it on his browser, yes this is called session hijacking.


Over a year ago, session hijacking need some technical knowledge and the new and inexperienced user’s cant do this, but the time has been changed and a Firefox add-on called Firesheep introduced that hijack the facebook,myspace and twitter session over an open network. FireSheep is free, open source and available almost on every operating system.

How Firesheep Works

Firesheep is a packet sniffer that analyze received packets from unencrypted websites on a open network like WiFi connections.
An attacker install firesheep and the new side bar appears on Firefox and the extension wait for the 26 websites that are in firesheep database to log in, when someone log in in any of these websites than firesheep capture his session id or user-name and password.   

If you know the difference between HTTP and HTTPS than you can easily understand the working of FireSheep, yes when your browser shows HTTPS instead of HTTP means your are logging on an encrypted website.

Protection

  • Use a VPN(Virtual Private Network) that create a secure tunnel for your data.
  • Use HTTPS everywhere, it is a firefox add-on.
  • Avoid visiting such websites, when you connected to the public access networks, in place like coffee shops and airports.


Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
CIP Cyber Staff

CIP Cyber Staff

CIP Cyber Staff comprises CIP cybersecurity experts committed to delivering comprehensive information on critical infrastructure protection. The content covers diverse topics, equipping professionals to defend organizations and communities in an ever-evolving cyber landscape.

Most popular

Industrial Cybersecurity

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Related Articles

What Proxies Are For

When you cannot access certain sites or hide your identity, you need a tool for that. For example, the USA proxies are in demand among

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings