[Owasp-Malaysia] Firesheep: Very impressive and proven Tool

Raja Iskandar Shah rajaiskandars at gmail.com
Wed Oct 27 03:12:53 EDT 2010


isnt firesheep a mitm in itself ? meaning if you had it installed, you can
'spy' on others and others can 'spy' on you via firesheep as a form of
spyware ?

let's try this. mr a install firesheep and mr b also install firesheep. then
both connect to an unsecure open network. then let's see what mr b can get
from mr a, and what mr a can get from my b.




On Wed, Oct 27, 2010 at 12:38 PM, CL Chow <klrkdekira at gmail.com> wrote:

> noscript can actually stop it too
> am trying to build it for linux too, still not working yet
>
> Regards,
> CL Chow
> "Please do not send me Microsoft Office/Apple iWork documents. Send
> OpenDocument instead! http://fsf.org/campaigns/opendocument/"
>
>
>
>
>
> On Wed, Oct 27, 2010 at 11:58 AM, Harisfazillah Jamel <
> linuxmalaysia at gmail.com> wrote:
>
>> Thanks Fazli,
>>
>> I write a express writeup how to protect yourself using wireless. Its in
>> Malay
>>
>> http://bit.ly/hackwirelessmy
>>
>> http://goo.gl/C64B
>>
>> Thanks.
>>
>> On Wed, Oct 27, 2010 at 11:54 AM, Mohd Fazli Azran
>> <mfazliazran at gmail.com> wrote:
>> > Dear all members,
>> >
>> > I think you all already know the hottest add on Firefox call "firesheep"
>> > spreading to the world now. This kind of attack related to MITM Attack.
>> To
>> > know about this tool more Please go to Codebutler site. It explain to
>> you
>> > how firesheep work on open wireless network.  It capture the cookies on
>> your
>> > web browser. To download please click Firesheep (Please use for
>> > educational purpose!!! :) I beg you all)
>> > This Tool already presented at Toorcon 12  they announce of release the
>> > "Firesheep". Not bad and it  good for sniffing now your become
>> > amateur hacker.
>> > The tip avoid MITM attack
>> > 1) Use only secure wifi
>> > 2) VPN (If you want use open wireless)
>> > 3) Use end-to-end encryption
>> > 4) Use https login
>> > They already web add on by default at Firesheep. You can add others
>> website
>> > to see it can capture all the username or password or content. What we
>> > should worry if we open any online banking at open wireless.
>> Be careful on
>> > that.
>> >
>> > Mohd Fazli Azran
>> _______________________________________________
>> Owasp-Malaysia mailing list
>> Owasp-Malaysia at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>
>> OWASP Malaysia Wiki
>> http://www.owasp.org/index.php/Malaysia
>>
>> OWASP Malaysia Wiki Facebook
>> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>>
>
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20101027/a080e027/attachment-0001.html 


More information about the Owasp-Malaysia mailing list