Firesheep

Firesheep is an extension for the Mozilla Firefox web browser that makes it possible, with little effort, to perform session hijacking on an unsecured network (e.g., public Wi-Fi) and thus to use various Internet services under the identity of other users on that network. To do this, the extension uses a sniffer that reads the data traffic on the network and filters out unencrypted session cookies of various services. When such cookies are found, they are listed in a sidebar, and with one click the service in question is used under the other user's identity.

It was released on October 24, 2010 by Eric Butler. The author explained that by publishing the extension he wanted to draw attention to this vulnerability, which existed in many Internet services (including, for example, Amazon, Facebook, and Twitter), and to move the operators of these sites to act. Since Firefox version 23, the add-on is no longer officially compatible.

Dissemination, countermeasures and detection

Firesheep spread very rapidly at first and drew a corresponding response in the media. Soon afterwards, some services such as Facebook and Twitter made encrypted SSL connections available, first as an option and later by default, which rules out an attack of the kind Firesheep performs.

Countermeasures

One way to protect oneself against Firesheep is to use a secure connection. This can be achieved, for example, with HTTPS, a VPN, or an encrypted wireless connection.

Detection

To find out whether someone on the local network is using Firesheep, the Firefox extension BlackSheep can be used. This software sends out false session information and observes whether the session is stolen. While Firesheep acts largely passively in normal operation, once it has found a session ID it makes a request to the same domain with the stolen information. It is this request that BlackSheep recognizes, and the user is warned.
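
The decoy principle described above can be modelled as a small monitor. This is an added example, not BlackSheep's own code: it assumes the monitor can observe plaintext HTTP requests on the local network together with their source addresses, and the class names, site, cookie name and addresses are constructed for illustration.

```python
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:                      # one observed plaintext HTTP request
    src: str                        # source address of the sender
    host: str                       # Host header
    cookie: str                     # raw Cookie header

def parse_cookies(header):
    """Split a Cookie header into a name -> value dict, skipping malformed parts."""
    cookies = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name:
            cookies[name] = value
    return cookies

class DecoyMonitor:
    """Issues decoy session values and flags their reuse by another host."""
    def __init__(self, own_addr):
        self.own_addr = own_addr
        self.decoys = {}            # (host, cookie name) -> decoy value
    def issue(self, host, name):
        """Create a random decoy value that belongs to no real session."""
        value = secrets.token_hex(16)
        self.decoys[(host.lower(), name)] = value
        return value
    def check(self, req):
        """Return an alert if req carries one of our decoys from another source."""
        if req.src == self.own_addr:
            return None             # our own decoy request, not a replay
        for name, value in parse_cookies(req.cookie).items():
            if self.decoys.get((req.host.lower(), name)) == value:
                return f"decoy session for {req.host} replayed by {req.src}"
        return None

def scan(monitor, requests):
    # Run the monitor over observed requests and return all alerts.
    return [alert for alert in map(monitor.check, requests) if alert]

if __name__ == "__main__":
    mon = DecoyMonitor(own_addr="192.0.2.10")          # constructed addresses
    decoy = mon.issue("shop.example", "session_id")    # hypothetical site/cookie
    traffic = [                                        # constructed sample traffic
        Request("192.0.2.10", "shop.example", f"session_id={decoy}"),
        Request("192.0.2.77", "shop.example", "session_id=0123abcd; lang=en"),
        Request("192.0.2.55", "shop.example", f"lang=en; session_id={decoy}"),
    ]
    print(scan(mon, traffic))
```

Because the decoy value belongs to no real session, any request from another address that carries it can only come from a host that captured it off the network, so a legitimate user with a different session value raises no alert.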
