Prevent Firesheep attack by using blacksheep and use unsecured network in secure way
Tuesday, November 9, 2010
0
comments
In one of my previous post i wrote how Firesheep allow a user to use another user's account easily on a wifi network. This is an easy way to get into other person's account. Now a new extension is released that alerts users to the presence of a Firesheep hacker. This is a good news for those users who use unsecured network.
BlackSheep does this by dropping ‘fake’ session ID information on the wire and then monitors traffic to see if it has been hijacked. While Firesheep is largely passive, once it identifies session information for a targeted domain, it then makes a subsequent request to that same domain, using the hijacked session information in order to obtain the name of the hijacked user along with an image of the person, if available. It is this request that BlackSheep identifies in order to detect the presence of Firesheep on the network. When identified, the user will be receive the following warning message:
The developers of the new Blacksheep software, web security specialists zscaler , have it available to download for free on their website now. Specifically mentioning the Firesheep extension, their site introduces Blacksheep as a "Free tool to protect against Firesheep Security threat. Blacksheep alerts users if sessions are hijacked after logging in to a social network or email."
If you are using firfox web browser, use below link to install blacksheep.
Download Here:
http://www.zscaler.com/research/plugins/firefox/blacksheep/blacksheep-latest.xpi
BlackSheep does this by dropping ‘fake’ session ID information on the wire and then monitors traffic to see if it has been hijacked. While Firesheep is largely passive, once it identifies session information for a targeted domain, it then makes a subsequent request to that same domain, using the hijacked session information in order to obtain the name of the hijacked user along with an image of the person, if available. It is this request that BlackSheep identifies in order to detect the presence of Firesheep on the network. When identified, the user will be receive the following warning message:
The developers of the new Blacksheep software, web security specialists zscaler , have it available to download for free on their website now. Specifically mentioning the Firesheep extension, their site introduces Blacksheep as a "Free tool to protect against Firesheep Security threat. Blacksheep alerts users if sessions are hijacked after logging in to a social network or email."
If you are using firfox web browser, use below link to install blacksheep.
Download Here:
http://www.zscaler.com/research/plugins/firefox/blacksheep/blacksheep-latest.xpi
please comment below if this post is useful for you..
:)
Categories:
Email Id hacking,
Hacking tutorials,
session hijacking
0 comments:
Post a Comment