I shouldn't tell you this but.... I'm gonna.

Status
Not open for further replies.

PwnSauce

Banned
FireSheep, a FireFox add-on lets you hijack established social networking user sessions by sniffing network traffic and taking advantage of how established Cookie sessions work on one of 26 popular websites like FaceBook, Twitter, Amazon etc.

http://www.pcworld.com/article/208727/firefox_addon_firesheep_brings_hacking_to_the_masses.html

BTW! This in no way means you are a "hacker", joe. lol.
This just means that you know how to install a FireFox add-on.


How to protect yourself against this?

- Don't log on to sites which require a password while using an unsecured wireless network. (e.g., a wireless network not secured with some variant of WPA encryption)

- Be sure you're home wireless networks are secured (Encrypted with WPA)

- Don't be stupid with your credentials. You don't have to update your facebook status every 10 minutes with "I'm getting free wifi, lalwgasm".

- This sort of vulnerability to YOU relies on you being on an unswitched network like on an old school hub or on a wireless where everybody can "hear" all other network being broadcast on the medium so that the sniffer part of FireSheep "sees" your session status. This means that if you're on a regular, hard-wired switched network where traffic is segregated and other users can't "usually" see your traffic, you should be ok.

enjoy!
pwn!
 
Status
Not open for further replies.
Top Bottom