All tricks in this blog are only for educational purpose. Learn these tricks only for your knowledge. Please donot try these to harm any one. We will not take any responsibility in any case. All softwares and tools on this site are here for private purposes only and If you want to use a software for business purpose, please purchase it. I do not host many of these tools. I Post links that I have found from numerous Search engines. I will not be responsible for any of harm you will do by using these tools.


Thursday, June 9, 2011

Tips to avoid Firesheep attacks on wireless networks

Fire sheep is free firefox extension that demonstrates the HTTP session attack. First we have to understand that all firefox users are not hackers. But some people misuse the firesheep extension to hijack HTTP unprotected sessions. This addon can hack all HTTP websites including social networking sites such as facebook, orkut etc. The fact is that most of the websites are equip their login screen as encripted https:\ but the upcoming pages are only unencripted http:\ . So the chances of session hijkack after login is more.

In fact, the small business or home oriented wireless networks are low security or open security networks. This increases the chances of observing the data flow easily than high security WPA/PSK systems. The above two situations can well utilized by a professional hacker to hijack your network session. But the firesheep extension is easy to use even for a normal user. This addon can be installed as an extension in your firefox browser and it observes the surrounding wireless networks to find the best one to hijack. This allows the hacker to login as the user.

But there are preventive measures to avoid being attacked by firesheep. Blacksheep is another addon which helps you to scan machins installed with firesheep. BlackSheep does this by dropping ‘fake’ session ID information on the wire and then monitors traffic to see if it has been hijacked.