Author Topic: Firesheep: Beware of open Wifi  (Read 2254 times)

0 Members and 1 Guest are viewing this topic.

Offline Frobozz

  • Administrator
  • Big Daddy Hero
  • *****
  • Posts: 14011
  • Liked: 68
  • Children?: 2
  • First Name?: Mitch
  • Location: Colorado
Firesheep: Beware of open Wifi
« on: October 27, 2010, 02:37:50 PM »
If you haven't yet heard, there's a new add-on to firefox called Firesheep.  It let's the user collect unecrypted cookies on an open Wifi network.   So if you're using a public wifi connection, make sure you use https://  instead of http:// as much as possible to force your browser into 128-bit encryption mode.

Here's info on Firesheep by the site that posted the add-on: http://codebutler.com/firesheep



 

Offline keetedw

  • Nos Audietis!
  • Global Moderator
  • Big Daddy Hero
  • *****
  • Posts: 1979
  • Liked: 34
  • Children?: 1
  • First Name?: Keet
  • Location: Anchorage, AK
  • Xbox Gamertag: KeetAK
Re: Firesheep: Beware of open Wifi
« Reply #1 on: October 27, 2010, 03:24:00 PM »
How has this not been banned from FF?  Is the usefulness (whatever that may be) of this plugin enough to warrant the potential damage it allows?

Of course, now I want to install this for when my buddies visit my house and use my network.  Then I can login to their facebook and post about how awesome I am.
 

"Some people feel the rain.  Others just get wet" Dylan/Marley

Offline Frobozz

  • Administrator
  • Big Daddy Hero
  • *****
  • Posts: 14011
  • Liked: 68
  • Children?: 2
  • First Name?: Mitch
  • Location: Colorado
Re: Firesheep: Beware of open Wifi
« Reply #2 on: October 27, 2010, 03:26:38 PM »
How has this not been banned from FF?  Is the usefulness (whatever that may be) of this plugin enough to warrant the potential damage it allows?

Of course, now I want to install this for when my buddies visit my house and use my network.  Then I can login to their facebook and post about how awesome I am.

1) Firesheep is not available from Mozilla.  You have to get it from codebutler

2) My test show that it only works on open wifi.  If you have a WEP/WPA key on your home network, it will not work.


 

Offline z_randy

  • hurricanes suck
  • Assistant Admin
  • Big Daddy Hero
  • ****
  • Posts: 11517
  • Liked: 55
  • Don't Panic!
  • Children?: 2
  • First Name?: Randy
Re: Firesheep: Beware of open Wifi
« Reply #3 on: October 27, 2010, 03:37:58 PM »
Maybe it's not available from FF but damn they should ban it somehow. FF was supposed to be the "safe" alternative



Every day, from here to there,funny things are everywhere

Offline keetedw

  • Nos Audietis!
  • Global Moderator
  • Big Daddy Hero
  • *****
  • Posts: 1979
  • Liked: 34
  • Children?: 1
  • First Name?: Keet
  • Location: Anchorage, AK
  • Xbox Gamertag: KeetAK
Re: Firesheep: Beware of open Wifi
« Reply #4 on: October 27, 2010, 03:43:50 PM »
WEP will not prevent me from explaining how awesome I am on Facebook!
 

"Some people feel the rain.  Others just get wet" Dylan/Marley

Offline z_randy

  • hurricanes suck
  • Assistant Admin
  • Big Daddy Hero
  • ****
  • Posts: 11517
  • Liked: 55
  • Don't Panic!
  • Children?: 2
  • First Name?: Randy
Re: Firesheep: Beware of open Wifi
« Reply #5 on: October 27, 2010, 03:53:23 PM »
WEP will not prevent me from explaining how awesome I am on Facebook!



Every day, from here to there,funny things are everywhere

Offline Frobozz

  • Administrator
  • Big Daddy Hero
  • *****
  • Posts: 14011
  • Liked: 68
  • Children?: 2
  • First Name?: Mitch
  • Location: Colorado
Re: Firesheep: Beware of open Wifi
« Reply #6 on: October 27, 2010, 03:54:29 PM »
Maybe it's not available from FF but damn they should ban it somehow. FF was supposed to be the "safe" alternative

No, this is not a flaw in firefox.  Firefox isn't putting you or anyone at risk.   This add-on was written for Firefox to view the cookies being sent and received by ALL browsers.  

There has been talk about why/why not Mozilla could/would ban this.  As an open source product, it's hard to pick an add-on that wouldn't be allowed to installed.  Besides, it wouldn't be hard to reverse-engineer out that filter.  


 

Offline Frobozz

  • Administrator
  • Big Daddy Hero
  • *****
  • Posts: 14011
  • Liked: 68
  • Children?: 2
  • First Name?: Mitch
  • Location: Colorado


 

Offline MindBender

  • Da SingleDaddy
  • Big Daddy Hero
  • *****
  • Posts: 3819
  • Liked: 5
Re: Firesheep: Beware of open Wifi
« Reply #8 on: February 26, 2012, 09:29:45 PM »
Running FileShepherd might be a bad idea as it pretty much does a DDOS on facebook which is not a good idea..  see below

This is essentially what FireShepherd does. FireShephed continuously sends random data over the network in an attempt to confuse session hijacking tools such as Firesheep. To an attacker, this is nothing more than a simple annoyance. FireShepherd does not change the fact that sensitive information is being sent insecurely.

Sending out lots of random data, especially over a wireless network, can disturb everyone else on the network and result in their connections becoming slow and/or unreliable. In addition, FireShepherd by default sends all this data out over the Internet to www.facebook.com, placing unnecessary load on their servers. This is usually referred to as a Distributed Denial of Service Attack, and is probably not something you want to participate in.

FireShepherd provides no real security and is harmful to Facebook’s servers and the local network which it is used on. Nobody should recommend using it for any reason.


I know I bumped another very old thread but I figure if someone is still running FileSheppard they might want to know that its really effective and that it is pretty much DDOSing Facebook when you use it.  So, I figure the epic bump might be worth the podding I might get for such epic thread bumps as this.  LOL

Offline Morpheus

  • My 4 princesses
  • Big Daddy Hero
  • *****
  • Posts: 563
  • Liked: 1
Re: Firesheep: Beware of open Wifi
« Reply #9 on: March 01, 2012, 08:33:45 PM »
Thanks for the post and info..... I am a FF and Linux junky.....

Tachiinii

  • Guest
Re: Firesheep: Beware of open Wifi
« Reply #10 on: September 26, 2012, 02:52:08 PM »
as an IT person people ask me about public WiFi and i tell them to follow these 2 rules.

1. do not use public wifi

2. DO NOT USE PUBIC WIFI

Offline z_randy

  • hurricanes suck
  • Assistant Admin
  • Big Daddy Hero
  • ****
  • Posts: 11517
  • Liked: 55
  • Don't Panic!
  • Children?: 2
  • First Name?: Randy
Re: Firesheep: Beware of open Wifi
« Reply #11 on: September 27, 2012, 10:01:47 AM »
as an IT person people ask me about public WiFi and i tell them to follow these 2 rules.

1. do not use public wifi

2. DO NOT USE PUBIC WIFI

Personally I wouldn't touch anyones PUBIC wifi  :biggrin:



Every day, from here to there,funny things are everywhere

 



Sitemap Multimedia Forum
Daddy's Deals DP Daily News Blogs
EBooks Donations Contact Us
Daddyplace Constitution