INFORMATION SECURITY: Sidejacking Wi-Fi Hotspots – How a Hacker Can Access All of Your Online Accounts With a Free Program Part II: How to Recognize and Protect Yourself
If you have not read Part I Please Read it Before you read below – Read Part 1 HERE >>>
In part one of this series I introduced you to the dangers of side jacking/man in the middle attacks using browser plugins such as Firesheep.
Part II will give you a few ways to see when someone is using Firesheep and how to protect yourself.
An easy way to determine if someone is using Firesheep is by using something called BlackSheep. BlackSheep is a simple plugin that will alert you whenever someone on the network you are on is using FireSheep. BlackSheep can be found here:
From the site:
BlackSheep, also a Firefox plugin is designed to combat Firesheep. BlackSheep does this by dropping ‘fake’ session ID information on the wire and then monitors traffic to see if it has been hijacked.
While Firesheep is largely passive, once it identifies session information for a targeted domain, it then makes a subsequent request to that same domain, using the hijacked session information in order to obtain the name of the hijacked user along with an image of the person, if available. It is this request that BlackSheep identifies in order to detect the presence of Firesheep on the network. When identified, the user will receive a warning message.
I should note that if you want to try this for yourself and see results, you’ll have to have two separate computers running Firefox as both of the apps use a lot of the same code.