Tuesday 8 May 2012

Firesheep


Hello!! Long time since I last updated my blog~~~~~
So I decided to add something different this time~
Well, take this guys! :DD
We all know about cyber crime and how such acts can affect our lives, so the first thing to do before we can counter such attacks is to understand them. The article below is a brief description of "Firesheep", so let's read~~~~ :)

Firesheep is an extension developed by Eric Butler for the Firefox web browser. The extension uses a packet sniffer to intercept unencrypted cookies from certain websites (such as Facebook and Twitter) as the cookies are transmitted over networks, exploiting session hijacking vulnerabilities. It shows the discovered identities on a sidebar displayed in the browser, and allows the user to instantly take on the log-in credentials of the user by double-clicking on the victim's name.

The extension was created as a demonstration of the security risk to users of web sites that encrypt only the login process and not the cookie(s) created during the login process. Warnings have been issued that using the extension to capture login details without permission would violate wiretapping laws and/or computer security laws in some countries. Despite the security threat surrounding Firesheep, representatives for Mozilla Add-ons have stated that they would not use the browser's internal add-on blacklist to disable Firesheep, as the blacklist has only been used to disable spyware or add-ons which inadvertently create security vulnerabilities, as opposed to attack tools (which may legitimately be used to test the security of one's own systems).
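The gap described above (an encrypted login, but a session cookie that later travels in cleartext) can be checked from the defender's side by auditing a site's Set-Cookie headers. The following is an added example, not code from Firesheep or from the original post; the hostnames, cookie names and values are constructed, and it assumes the standard `Secure` cookie attribute as the thing to look for.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

# Constructed sample data: (URL that produced the response, its Set-Cookie header values).
SAMPLE_RESPONSES = [
    ("https://social.example/login", ["session_id=constructed123; Path=/; HttpOnly"]),
    ("http://social.example/home", ["prefs_token=constructed456; Path=/"]),
    ("https://bank.example/login", ["sid=constructed789; Path=/; Secure; HttpOnly"]),
]

def audit_set_cookie(url, set_cookie_headers):
    """Return (cookie_name, finding) pairs for cookies exposed to a passive sniffer."""
    scheme = urlsplit(url).scheme.lower()
    findings = []
    for header in set_cookie_headers:
        jar = SimpleCookie()
        jar.load(header)  # parses one Set-Cookie value, including flag attributes
        for name, morsel in jar.items():
            if scheme != "https":
                # The cookie was issued on an unencrypted response.
                findings.append((name, "plain-http"))
            elif not morsel["secure"]:
                # Issued over HTTPS, but the browser will also attach it to
                # later plain-HTTP requests to the same site.
                findings.append((name, "no-secure-flag"))
    return findings

def audit_all(responses):
    """Map each URL with at least one exposed cookie to its findings."""
    report = {}
    for url, headers in responses:
        findings = audit_set_cookie(url, headers)
        if findings:
            report[url] = findings
    return report

if __name__ == "__main__":
    for url, findings in audit_all(SAMPLE_RESPONSES).items():
        for name, finding in findings:
            print(f"{url}: cookie {name!r} -> {finding}")
```

The first sample is the pattern the paragraph describes: the login itself is encrypted, yet the session cookie it creates is not restricted to encrypted connections.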

Later a similar tool called Faceniff was released for Android mobile phones.

As for us in UTM, many of us use Wi-Fi to go online. But how safe are we against such attacks?

Wireless network security

Local Wi-Fi networks may be configured with varying levels of security. On a network protected with a Wired Equivalent Privacy (WEP) password, the attacker running Firesheep must have the password, but once they do (a likely scenario if a coffee shop gives all users the same basic password) they are able to decrypt the cookies and continue their attack. Wi-Fi Protected Access (WPA) encryption, however, offers individual user isolation, preventing the attacker from decrypting any cookies sent over the network even if they have logged into the network using the same password. On a WPA-PSK connection, an attacker would be able to manually retrieve and decrypt another user's data if the key is known.




Well, that's all for now! Hope this post gave you guys some info. 
See you again very soon! xDD
