Friday, June 24, 2011

Blacksheep add-on to protect against WiFi session Hijacking

This is a Firefox add-on everyone should use if you use public WiFi anywhere anytime.
It's called 'Blacksheep'.

Blacksheep will find and block 'Firesheep' - a highly popular new hacking tool used to 'sniff out and steal your sensitive information on WiFi networks.

What Firesheep is:
Firesheep is the Firefox extension that makes it easier to steal logins and take over social media and email accounts after users log in from a WiFi hotspot or even their own unprotected network. It is designed to sniff out weak security and hijack web site credentials on open Wi-Fi networks. This technique is technically called 'Session Hijacking'.

Session hijacking is nothing new. Web sites typically use SSL connections for initial login pages, but revert to non-encrypted traffic for all subsequent communication. As such, while a user’s username and password may be protected, once they are authenticated, any user on the same network can simply sniff network traffic, obtain a user’s session ID and then hijack their session for a given website. Although this has always been a serious risk, especially on insecure networks such as public WiFi hot spots, some degree of technical knowledge was required to accomplish the attack. Firesheep, opens such attacks to the masses as it turns session hijacking into a point and click exercise. Unless websites mandate SSL for all traffic on the site, session hijacking will always remain a threat.

Fortunately, BlackSheep can be used to let you know if someone is running Firesheep on the same network and protect you.

Read some more here.

and here

or just add the extension to Firefox by going here!

Be safe folks!

No comments:

Post a Comment