How Firesheep Can Hijack Web Sessions
Firesheep is a Firefox extension used to hijack web sessions, usually used over WiFi networks. Firesheep doesn't steal usernames and passwords, instead it copies session cookies used on authenticated websites. These are then used to impersonate the hijacked connection. Session hijacking, or sidejacking is a well known problem, ranking 3rd on OWASP's (Open Web Application Security Project) Top 10 Application Security Risk list. Attackers using Firesheep just need access to network traffic -- such
Already have an account?
Attackers have one more trick up their sleeves. Cain & Able will generate an SSL certificate on the fly trying to fool browser users into trusting it. Don't. If you see a message like this (browsers display certificate errors in their own way) stop what you are doing and walk away.
SEE ALSO: Firesheep Simplifies Stealing Logins Firesheep Exposes Need For Encryption
About the Author
You May Also Like
A Cyber Pros' Guide to Navigating Emerging Privacy Regulation
Dec 10, 2024Identifying the Cybersecurity Metrics that Actually Matter
Dec 11, 2024The Current State of AI Adoption in Cybersecurity, Including its Opportunities
Dec 12, 2024Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024