Randy Abrams, director of technical education, ESET
December 01, 2010
Threat of the month

Threat of the month: Firesheep

Randy Abrams
Randy Abrams

Firesheep

What is it?

Firesheep is a Firefox add-on that automates the hijacking of accounts that are not secured by SSL (https).

How does it work?
When a user logs onto Facebook, Amazon, Twitter or any number of other accounts, the user name and password are encrypted, but the cookie that the site sets to remember the user is not encrypted as it is sent to that person's computer. This means that if the user is at their local coffee shop using their open Wi-Fi system and logs onto a website, the cookie can be intercepted by anyone else using the same Wi-Fi network. By intercepting the cookie, the attacker can use that user's account.

How can I prevent it?
There are ways to protect your accounts. You can use a VPN, but do not expect your corporate VPN to do the job. Typically, only traffic between your computer and the company are tunneled, leaving your webmail and other accounts unprotected. The safest approach is not to surf anywhere that requires a password when you are on a public network.

– Randy Abrams, director of technical education, ESET

From the December 2010 Issue of SCMagazine »
Similar Articles
close

Next Article in Opinions

More in Opinions

Follow me on this, your security team includes non-security people

Follow me on this, your security team includes ...

A successful security professional will tap into an organization's entire employee base to get results. And the benefits will go both ways.

Me and my job: Marty Edwards, ICS-CERT

Me and my job: Marty Edwards, ICS-CERT

Marty Edwards' job is to coordinate efforts between the government and the private sector.

Debate: Is advanced malware no longer a problem when administrator rights are ...

In this month's debate, experts discuss if advanced malware is still a persistent challenge after administrator rights are removed.