Firesheep, Fireshepherd, and Facebook: Understanding Session Hijacking

Contents

  1. Web Authentication 101
  2. Session Hijacking Attacks and Firesheep
  3. Defending Against Firesheep
  4. Final Thoughts

Article Description

Firesheep is a tool that allows hackers to eavesdrop on unencrypted wireless networks and, in essence, hijack the browser session. Information technology professional Mike Chapple shows you how web authentication makes session hijacking possible, how Firesheep exploits these vulnerabilities, and the measures that website administrators, web developers, and end users can take to protect against session hijacking attacks.

Session Hijacking Attacks and Firesheep

Enter session hijacking attacks. An eavesdropper who intercepts any of the traffic exchanged during step 4 of the process (trivial on an unencrypted wireless network) can read the session cookie. Once the cookie's contents are known, he or she can craft a forged HTTP request that presents the same cookie, and the site will treat that request as coming from the legitimate user, granting access to the account.
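The exposure described above can be checked from the server's own responses. As an added example (not code from the article), the following Python script parses constructed Set-Cookie headers and reports which session cookies a passive eavesdropper on an unencrypted network could read; the list of session cookie names is an assumption for this example.

```python
"""Which session cookies could a passive eavesdropper read off the wire?

Added example, not from the original article. A cookie is readable on an
unencrypted network if the response that set it travelled over plain HTTP, or
if it lacks the Secure attribute, because the browser will then also attach it
to later http:// requests for the same site. HttpOnly does not help against
this: it only hides the cookie from scripts, not from someone sniffing packets.
"""
from __future__ import annotations

# Cookie names treated as session identifiers (constructed list for this example).
SESSION_COOKIE_NAMES = {"sessionid", "phpsessid", "sid", "auth_token"}


def parse_set_cookie(header: str) -> tuple[str, set[str]]:
    """Split a Set-Cookie value into the cookie name and its lower-cased attribute names."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs


def exposed_session_cookies(scheme: str, set_cookie_headers: list[str]) -> list[str]:
    """Return the session cookies an on-path eavesdropper could capture and replay.

    scheme: 'http' or 'https', the scheme of the response carrying the headers.
    """
    exposed = []
    for header in set_cookie_headers:
        name, attrs = parse_set_cookie(header)
        if name.lower() not in SESSION_COOKIE_NAMES:
            continue
        # Sent in the clear now, or will be re-sent in the clear on later requests.
        if scheme == "http" or "secure" not in attrs:
            exposed.append(name)
    return exposed


if __name__ == "__main__":
    # Constructed headers resembling what a site of the Firesheep era might return.
    headers = [
        "sessionid=abc123; Path=/; HttpOnly",        # no Secure flag: exposed
        "auth_token=xyz; Path=/; Secure; HttpOnly",  # safe only when served over https
        "lang=en; Path=/",                           # not a session cookie
    ]
    print(exposed_session_cookies("https", headers))  # ['sessionid']
    print(exposed_session_cookies("http", headers))   # ['sessionid', 'auth_token']
```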

Many popular websites, including Facebook and Twitter, have been vulnerable to this type of attack for many years. The only barrier to widespread exploitation was a woefully inadequate reliance upon security by obscurity. A relatively small number of people had the knowledge and expertise to carry out a session hijacking attack, and they often lacked the motivation. After all, major targets such as online banking, brokerage, and e-commerce sites encrypted all of their communications. Hijacking a social networking site session just didn't seem worth the effort.

Then along came Eric Butler with Firesheep, a tool that removed the barrier to entry and put session hijacking capability into the hands of anyone capable of installing a Firefox extension. A user wishing to steal sessions simply has to connect to an open wireless network, start Firesheep, and wait for the names of vulnerable users to appear on the screen. When an attractive target pops up, the attacker simply clicks on his or her name and gains full access to the session!