Firesheep is a new browser extension Firefox that allows hackers to steal cookies from other users connected to the same WiFi network he use, so you can install in your browser and make believe for websites such as Facebook and Twitter are already logon to the accounts of these people.
Firesheep not steal passwords, because this not listed in the cookie - so that no possible to completely take over accounts, but people who use extensions can make a number of operations website hacked (at least temporarily original user click logout).
Firesheep install a sidebar in Firefox. With clicking on the "Start Capturing" extension started escaenar WiFi network that we are connected, from that moment will be caught in each cookie sent (in a bar will appear and a profile picture username for each cookie). This is what known in English as "sidejacking. "
Firesheep creator is Eric Butler, U.S. a developer who decided to initiate this extension to show how serious security problems on site such as Facebook, Twitter, Amazon, Foursquare, Google, Windows Live, Wordpress and Yahoo, who do not use encryption for SLL login process for users.
Firesheep compatible with Firefox version for Windows and Mac OS X. Dan Butler street version of Linux.
Extension does not work on network which encrypts all transmissions between computer and router. If you want avoid becoming victims of attacks by Firesheep I recommend using the service Free Hotspot Shield or Firefox extensions as HTTPS everywhere and Force-TLS. Another solution is to change the encrypted WiFi network that You use WEP to WPA2.
0 Comments:
Post a Comment