Firesheep, Fireshepherd, and Facebook: Understanding Session Hijacking

Article Description

Firesheep is a tool that allows hackers to eavesdrop on unencrypted wireless networks and, in essence, hijack the browser session. Information technology professional Mike Chapple shows you how web authentication makes session hijacking possible, how Firesheep exploits these vulnerabilities, and the measures that website administrators, web developers, and end users can take to protect against session hijacking attacks.

Final Thoughts

The release of Firesheep is more than just a software threat. It highlights an underlying flaw in the way many web applications conduct session management. While there are temporary solutions you can implement to limit the short-term damage done by the release of this tool, it's imperative that the web application community band together and develop long-term solutions that resolve the significant design vulnerabilities that make session hijacking attacks possible. Otherwise, we'll be just as vulnerable when the next tool rolls out.