A Firefox extension that was designed to demonstrate the serious issue of HTTP session hijacking (sidejacking). Many websites allow its users to submit a username and password on-site, and then after checking for matching account information, the server replies back with a cookie that will be used by your Web browser for all subsequent requests. The cookie in this scenario is vulnerable to HTTP session hijacking. The Firesheep Firefox extension is designed to illustrate how easy this sensitive information can be sidejacked and to encourage website owners to offer more secure login-ins, such as full end-to-end encryption (HTTPS or SSL).
Firesheep was designed byric Butler, a freelance web application and software developer in Seattle, WA.
See also "10 Ways to Protect Yourself from Firesheep Attacks" on eSecurityPlanet.
Featured Partners Sponsored
- Increase worker productivity, enhance data security, and enjoy greater energy savings. Find out how. Download the “Ultimate Desktop Simplicity Kit” now.»
- Find out which 10 hardware additions will help you maintain excellent service and outstanding security for you and your customers. »
- Server virtualization is growing in popularity, but the technology for securing it lags. To protect your virtual network.»
- Before you implement a private cloud, find out what you need to know about automated delivery, virtual sprawl, and more. »