Welcome to Ask A Pentester, where you can get your security questions answered by members of the IT Security community!


How can I protect myself against Firesheep?

+2 votes
I have read about Firesheep and it scared the hell out of me ;)

Is there anything I can do to protect myself?


Thanks!
asked 1 year ago in Web Hacking by Chaly Drain Bamaged enthusiast (420 points)

4 Answers

+4 votes
Best answer

Yes, you can! ;)

This attack is based on the fact that Facebook & Co. use HTTPS only in the authentication phase and revert to HTTP once you are logged in. This allows an attacker to sniff your session cookies.

The easiest solution is to use this Firefox plugin, which forces HTTPS all the time.


Best,

Carlos

answered 1 year ago by carlos enthusiast (460 points)
Thank you very much!
This worked perfectly for me! :)
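The mechanism the accepted answer describes, as an added example that is not part of the original post or of Firesheep itself: once a site falls back to plain HTTP after login, every request carries the session cookie in cleartext, and a tool on the same WLAN only has to match the Host header against a table of known sites and pull the named cookies out. The script below does exactly that over a few constructed captures, and also audits a Set-Cookie header for the Secure attribute, which is the server-side fix (the browser never sends a Secure cookie over HTTP, so there is nothing to sniff). The hostnames, cookie names and the handler table are assumptions for illustration; Firesheep shipped its own per-site handlers.

```python
"""
Firesheep-style session sidejacking on captured plaintext HTTP, plus a
Set-Cookie audit for the attribute that would have prevented it.

Added example, not code from the original post. All captures and the
site-to-cookie handler table below are constructed for illustration.
"""
import re

# Hypothetical per-site handler table: host suffix -> cookie names that
# together identify a logged-in session (assumption, not real site data).
SESSION_COOKIES = {
    "example-social.test": ["sessionid"],
    "example-mail.test": ["auth_token", "uid"],
}

# Constructed plaintext HTTP requests, as they would cross an open WLAN.
CAPTURED_REQUESTS = [
    "GET /home HTTP/1.1\r\n"
    "Host: www.example-social.test\r\n"
    "Cookie: sessionid=abc123; theme=dark\r\n"
    "\r\n",
    "GET /inbox HTTP/1.1\r\n"
    "Host: mail.example-mail.test\r\n"
    "Cookie: uid=42; auth_token=deadbeef\r\n"
    "\r\n",
    "GET /static/logo.png HTTP/1.1\r\n"
    "Host: cdn.unrelated.test\r\n"
    "\r\n",
]


def parse_request(raw):
    """Return (host, cookie dict) for one raw HTTP/1.x request, or None if it
    does not start with a request line."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    if not lines or not re.match(r"^[A-Z]+ \S+ HTTP/1\.[01]$", lines[0]):
        return None
    headers = {}
    for line in lines[1:]:
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    host = headers.get("host", "").lower()
    cookies = {}
    for part in headers.get("cookie", "").split(";"):
        part = part.strip()
        if "=" in part:
            k, v = part.split("=", 1)
            cookies[k.strip()] = v.strip()
    return host, cookies


def sidejack(captures, handlers=SESSION_COOKIES):
    """Return [(host, {session cookie: value})] for every captured request
    whose Host matches a handler and carries all of that handler's cookies."""
    found = []
    for raw in captures:
        parsed = parse_request(raw)
        if parsed is None:
            continue
        host, cookies = parsed
        for suffix, names in handlers.items():
            if host == suffix or host.endswith("." + suffix):
                stolen = {n: cookies[n] for n in names if n in cookies}
                if len(stolen) == len(names):
                    found.append((host, stolen))
    return found


def audit_set_cookie(header_value):
    """Return the hardening attributes missing from a Set-Cookie header value.
    Without Secure the browser will send the cookie over plain HTTP, which is
    what sidejacking relies on; HttpOnly is the usual companion against XSS."""
    attrs = [a.strip().lower() for a in header_value.split(";")[1:]]
    missing = []
    if "secure" not in attrs:
        missing.append("Secure")
    if "httponly" not in attrs:
        missing.append("HttpOnly")
    return missing


if __name__ == "__main__":
    for host, cookies in sidejack(CAPTURED_REQUESTS):
        print(f"[+] {host}: {cookies}")
    for hdr in ("sessionid=abc123; Path=/",
                "sessionid=abc123; Path=/; Secure; HttpOnly"):
        print(hdr, "->", audit_set_cookie(hdr) or "ok")
```

Only the first two captures match a handler; the CDN request has no session cookie and is ignored, which is why a sidejacking tool can stay quiet and still harvest every logged-in user on the network. Forcing HTTPS on the client side (the plugin above) and marking the session cookie Secure on the server side both remove the cleartext request the first part of the script depends on.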
+2 votes
The answer with "HTTPS everywhere" is nearly complete advice, but some things have to be added. Not every website works with HTTPS the whole time, and Firesheep sniffs your session cookie.
Remember the way you transmit IP packets!
In a WLAN everybody within reach receives your packets; in a cable-based switched Ethernet network, physical access to your network is necessary to sniff your traffic, accompanied by a MITM...

So avoid using logins and other confidential data while wireless, and when you are forced to do so, secure your packet path! (Even a VPN tunnel into your company would help..)

RogerWilco
answered 1 year ago by RogerWilco (90 points)
0 votes
What about FireShepherd ? It is "a small console program that floods the nearby wireless network with packets designed to turn off FireSheep, effectively shutting down nearby FireSheep programs every 0.5 sec or so, making you and the people around you secure from most people using FireSheep. " (From definition) It is mainly designed for FireSheep if it is your primary concern.
answered 1 year ago by Kain (50 points)
nice!

Hacking the hackers...

Thanks! ;)
0 votes
I leave my Wireless Network Connection disabled unless it's in use. When in use, I always tether to my Android phone, which provides a WPA2 connection that only I know the 52 character "graph" password to (and I change it every few days when it's convenient or I'm feeling compromised).

I don't connect to other networks, such as local networks or coffee shops (my Local Ethernet Connection is permanently disabled), and I find ways to access networks that I need access to in other ways.
answered 1 year ago by atdre pro pentester (1,080 points)
edited 1 year ago by atdre
