How can you protect yourself from session hijacking with firesheep?

  • Thread starter DrZoidberg
  • Start date
In summary, to protect yourself from session hijacking with firesheep, it is important to use secure HTTPS connections when browsing websites, avoid using unsecured public Wi-Fi networks, regularly clear your browser cookies and cache, and enable two-factor authentication when available. It is also recommended to use browser extensions such as HTTPS Everywhere and to be cautious of clicking on suspicious links or downloading unknown software. By taking these precautions, you can greatly reduce the risk of falling victim to session hijacking and protect your sensitive information online.
  • #1
DrZoidberg
Hi,
I read about firesheep, a firefox plugin that allows you to log into other people's accounts (twitter, facebook, etc). It's called session hijacking.
So now that every 12-year-old is able to connect to a public wlan hotspot and log into other people's accounts, I wonder how you can protect yourself from it.
How is it even possible? IP packets sent from one computer in a wlan network to e.g. facebook will go to the router and from there into the internet, but all the other computers in the same wlan network should not even see those IP packets, should they? Is a wlan router actually sending each IP packet to ALL the computers in the network? Is it possible to prevent this?
 
  • #2
Don't use unencrypted sites/login pages. Duh?

Alternatively, only sign into networks that use WPA2 encryption.
 
  • #3
Yes I know, but that is not always possible.
Do you know how firesheep manages to monitor the connection between my computer and some website?
 
  • #4
DrZoidberg said:
Yes I know, but that is not always possible.

But it is possible to avoid non-encrypted websites and non-secured wireless access points.

Do you know how firesheep manages to monitor the connection between my computer and some website?

Look up http://netsecurity.about.com/cs/hackertools/a/aa121403.htm . In a wireless network you are sending your packets to the access point via RF. Anyone with an antenna and the proper software (like Firesheep) can intercept those packets.
 
  • #5
Thanks,
But I still have more questions.
If I use an encrypted wireless access point, other people on the same network will also have the key. Could any of them still intercept my packets?
 
  • #6
DrZoidberg said:
If I use an encrypted wireless access point, other people on the same network will also have the key. Could any of them still intercept my packets?

That question was answered in the link I posted. Please do some of your own research.
 
  • #7
I have a CS major friend who has been playing around with firesheep and he has been attacking firesheep users with a similar program called blacksheep. At the least, it will tell you if others on the same network are using firesheep. I don't know that it provides any protection. He used it as a starting point in a security experiment they were doing. Interesting stuff, way over my head though.
 
  • #8
Just when you go to Facebook, don't type just facebook.com, type https://www.facebook.com
That'll make it so you automatically use their encrypted login. There are lots of add-ons for browsers out there that do this automatically for you for most sites that allow it.
 
  • #9
I'll comment on Facebook -- they really do not like you to use https (https is encrypted, http is not), in my experience.

If you just try going to https://www.facebook.com, it seems to try and redirect you back to http://www.facebook.com.

The only way I have found to get around this is by using a browser plugin. I'm sure there's one for Firefox, but for Chrome it's called "Facebook Secure Connection (Force Https SSL)".

If you're using https, however, they disable chat for you. How nice of them :)

On the original topic:

When browsing a web page using wifi, there are two likely scenarios in terms of having an encrypted connection:

1) Encrypted wifi
2) https

You are correct in saying that someone else can intercept your traffic if they have the encryption key for the network you're on -- or it's unencrypted.

However, if you're on any wireless connection other than your own, or it's not secured with at least WPA, then assume that they can intercept your packets.

Https encrypts information between the server and your computer, and, as far as I know, has not been broken yet (unlike WEP). Therefore, even if they can intercept your packets over wifi, they still can't decrypt your https traffic.

However, they can still tell what server you're accessing, unless you're using an encrypted proxy.

In other words:

Make sure the important sites you are accessing are using https when you are on insecure wifi.

If you don't want them to even know what site you're looking at, then you'll need to use an encrypted proxy. They can still find out you're using a proxy, however (and the proxy could record the sites you are accessing).
 
  • #10
Also, don't accept new certificates. ARP spoofing and sslstrip can give you the impression you are still on an https connection; however, it's actually a man-in-the-middle attack, and the MITM is forwarding your information to the actual server.
 

What is session hijacking (firesheep)?

Session hijacking (firesheep) is a type of cyber attack that allows a hacker to steal a user's login credentials and take control of their online accounts by intercepting and using their session cookies.

How does session hijacking (firesheep) work?

Firesheep is a tool that allows hackers to intercept unencrypted session cookies from a user's computer while connected to a public Wi-Fi network. These cookies contain information that allows the hacker to access the user's online accounts without needing their login credentials.

What can be done to prevent session hijacking (firesheep)?

To prevent session hijacking (firesheep), users should avoid using public Wi-Fi networks and instead use a secure, password-protected network. Additionally, enabling HTTPS and SSL encryption on websites can make it more difficult for hackers to intercept session cookies.
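The site-side half of that advice, and of the sslstrip warning in post #10, is that a session cookie must never travel over plain HTTP and the site should tell browsers to refuse HTTP altogether (HSTS). The following audit script is an added example, not code from the thread or from any real site: it parses a raw HTTP response header block and flags session cookies without the Secure/HttpOnly attributes and responses without Strict-Transport-Security. The two sample responses are constructed, and the name-based guess at which cookies are session cookies is a heuristic of this example.

```python
"""Audit HTTP response headers for the two weaknesses Firesheep-style cookie
sniffing and sslstrip depend on: session cookies without the Secure flag, and
no HSTS header.  Example code only; sample responses below are constructed."""
from http.cookies import SimpleCookie

# Heuristic (assumption of this example): cookie names containing these
# fragments are treated as session cookies worth protecting.
SESSION_COOKIE_HINTS = ("sess", "sid", "auth", "token", "login")

# Constructed sample: a site that sets its session cookie over plain HTTP.
WEAK_RESPONSE = """HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: sessionid=abc123; Path=/
"""

# Constructed sample: the same site after hardening.
HARDENED_RESPONSE = """HTTP/1.1 200 OK
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: sessionid=abc123; Path=/; Secure; HttpOnly
Set-Cookie: theme=dark; Path=/
"""

def parse_headers(raw):
    """Split a raw response into (status line, [(lower-cased name, value), ...])."""
    lines = raw.strip().splitlines()
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers

def audit_response(raw):
    """Return a list of findings; an empty list means nothing to fix."""
    _, headers = parse_headers(raw)
    findings = []
    if not any(name == "strict-transport-security" for name, _ in headers):
        findings.append("no Strict-Transport-Security: HTTP downgrade (sslstrip) not blocked")
    for name, value in headers:
        if name != "set-cookie":
            continue
        jar = SimpleCookie()
        jar.load(value)  # parses "key=value; Attr; Attr=value" into Morsels
        for key, morsel in jar.items():
            if not any(hint in key.lower() for hint in SESSION_COOKIE_HINTS):
                continue  # e.g. "theme" is not a session cookie
            if not morsel["secure"]:
                findings.append(f"cookie {key}: missing Secure, sent in cleartext over HTTP")
            if not morsel["httponly"]:
                findings.append(f"cookie {key}: missing HttpOnly, readable by page scripts")
    return findings

if __name__ == "__main__":
    for label, resp in (("weak", WEAK_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        print(label, audit_response(resp) or ["ok"])
```

Point it at the headers of a site you run (for example the output of `curl -sI`) to check that its login cookie would not be exposed to a sniffer on shared Wi-Fi.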

What are the potential consequences of session hijacking (firesheep)?

The consequences of session hijacking can vary depending on the information accessed by the hacker. In some cases, they may be able to access sensitive personal information, financial accounts, or even take control of the user's entire online presence.

How can I protect my online accounts from session hijacking (firesheep)?

To protect your online accounts from session hijacking (firesheep), it is important to use strong, unique passwords for each account and to regularly change them. Additionally, using two-factor authentication and monitoring your account activity can also help prevent unauthorized access.
