Linked by David Adams on Mon 8th Nov 2010 16:49 UTC, submitted by HAL2001
Privacy, Security, Encryption
Firesheep is a Firefox extension that makes it easier to steal logins and take over social media and email accounts after users log in from a WiFi hotspot or even their own unprotected network. Zscaler researchers have created, and are now offering to every consumer, a free Firefox plugin called BlackSheep, which serves as a counter-measure. BlackSheep combats Firesheep by monitoring traffic and then alerting users if Firesheep is being used on the network. BlackSheep does this by dropping ‘fake’ session ID information on the wire and then monitoring traffic to see if it has been hijacked.
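The bait-and-watch check described in the summary, sketched as an added example (not BlackSheep's code and not part of the original story). The class and function names, IP addresses, host and cookie names are assumptions, and the traffic rows are constructed.

```python
import secrets
from http.cookies import CookieError, SimpleCookie


class DecoyMonitor:
    """Tracks decoy session IDs we sent and flags reuse by any other host."""

    def __init__(self, own_ip):
        self.own_ip = own_ip
        self.decoys = {}  # decoy value -> (host it was sent to, time sent)

    def emit_decoy(self, host, now):
        """Create a random, worthless session ID to send in a cleartext request."""
        value = secrets.token_hex(16)
        self.decoys[value] = (host, now)
        return value

    def inspect(self, ts, src_ip, host, cookie_header):
        """Return an alert if an observed request replays one of our decoys."""
        if src_ip == self.own_ip:
            return None  # our own bait request
        cookie = SimpleCookie()
        try:
            cookie.load(cookie_header)
        except CookieError:
            return None  # unparseable header, nothing to match
        for morsel in cookie.values():
            hit = self.decoys.get(morsel.value)
            if hit and hit[0] == host:
                return {"src_ip": src_ip, "host": host, "cookie": morsel.key,
                        "seconds_after_bait": ts - hit[1]}
        return None


def run_demo():
    mon = DecoyMonitor(own_ip="192.0.2.10")  # assumed address of the monitor
    decoy = mon.emit_decoy("social.example", now=0)
    # Constructed traffic: (seconds, source IP, Host header, Cookie header)
    observed = [
        (0, "192.0.2.10", "social.example", f"session={decoy}; lang=en"),  # bait
        (3, "192.0.2.23", "social.example", "session=8d1f0c; lang=en"),   # other user
        (7, "192.0.2.66", "social.example", f"session={decoy}"),          # decoy reused
    ]
    return [a for a in (mon.inspect(*row) for row in observed) if a]


if __name__ == "__main__":
    print(run_demo())
```

An alert only means a decoy value was seen again on the segment being monitored; real sessions carry no such marker, so the check reports that sniffing is happening rather than which accounts were affected.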
Thread beginning with comment 449097
A slow acting alarm as countermeasure?
by tomz on Mon 8th Nov 2010 17:40 UTC

It only sends the fake stuff every 5 minutes, so it could be countered by adding a window to Firesheep.

It also doesn't stop a hijacked session, so you get hijacked and see later that Firesheep is running somewhere - now you have to log out in the interim and hope nothing bad happened.

If they aren't using IP verification, I can use a VPN tunnel for the transmissions and BlackSheep would not see them.

Reply Score: 1