[Owasp-Malaysia] Firesheep: Very impressive and proven Tool

Mohd Fazli Azran mfazliazran at gmail.com
Tue Oct 26 23:54:24 EDT 2010


Dear all members,


I think you all already know the hottest add on Firefox call "firesheep"
spreading to the world now. This kind of attack related to MITM Attack. To
know about this tool more Please go to
Codebutler<http://codebutler.com/firesheep>site. It explain to you how
firesheep work on open wireless network.  It
capture the cookies on your web browser. To download please click
Firesheep<http://codebutler.github.com/firesheep/> (Please
use for educational purpose!!! :) I beg you all)

This Tool already presented at Toorcon 12  <http://sandiego.toorcon.org/> they
announce of release the "Firesheep". Not bad and it  good for sniffing now
your become amateur hacker.

The tip avoid MITM attack
1) Use only secure wifi
2) VPN (If you want use open wireless)
3) Use end-to-end encryption
4) Use https login

They already web add on by default at Firesheep. You can add others website
to see it can capture all the username or password or content. What we
should worry if we open any online banking at open wireless. Be careful on
that.


Mohd Fazli Azran
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20101027/04b98fb2/attachment.html 


More information about the Owasp-Malaysia mailing list