Meatloaf Testing

[gotmilk]

Packet Sniffing For Dummies



Firesheep
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Firesheep

Firesheep is an extension for the Firefox web browser [that] uses a packet sniffer to intercept unencrypted cookies from certain websites (such as Facebook and Twitter) as the cookies are transmitted over networks, exploiting session hijacking vulnerabilities.

It shows the discovered identities on a sidebar displayed in the browser, and allows the user to instantly take on the log-in credentials of the user by double-clicking on their name.

The extension was created as a proof of concept that many web sites only encrypt the login process and not the cookie created from it, and only posing a security risk that is exploited by the extension.

See also
Session hijacking http://en.wikipedia.org/wiki/Session_hijacking
Cookie hijacking http://en.wikipedia.org/wiki/HTTP_cookie#Cookie_hijacking
HTTPS http://en.wikipedia.org/wiki/HTTPS
Transport Layer Security http://en.wikipedia.org/wiki/Transport_Layer_Security


http://www.jacktimes.com/technology/internet/firesheep-can-allow-anyone-to-hack-your-facebook-account-–-3-protections.html
Firesheep can allow anyone to hack your Facebook account.