Session Hijacking

Session hijacking is the exploitation of a valid session key (computer session) to gain unauthorized access to information or services within a computer system. In most cases this is achieved by stealing the "magic cookie" with which a user identifies itself to a remote server.

HTTP cookies are used to maintain sessions on many websites, and these can be stolen easily by an attacker who has access to the cookies saved on the computer (for instance, connecting from an unsecured wireless network can expose cookies) or who uses an intermediary computer.

This has become a mundane thing to do, since programs that do all the hard work are only a few clicks away. One of these programs is Firesheep.

Firesheep is a Firefox extension developed by Eric Butler. Using a packet sniffer, it intercepts unencrypted cookies from websites. If you are using an unencrypted connection, this program can see everything you would probably rather not share.

The biggest warning sign is how many downloads this program had on the first day of its release: about 129,000. So you should really consider using secured connections.

Unfortunately, even though you are secured within the local network, it doesn't mean that you are protected. After your information leaves the secured connection of your local network it reverts to unsecured traffic that can be stolen by intercepting it on its way to the server. Same problem, different zone.

Probably the best solution to date is, no matter where you are connecting from, to always use HTTPS (https://) to connect to websites, if they offer such a connection. There are also programs or extensions that force the browser to look for an HTTPS connection whenever it connects to a website. Two of them come to mind:

Force-TLS (https://addons.mozilla.org/en-US/firefox/addon/force-tls/)

HTTPS everywhere plugin(https://www.eff.org/https-everywhere)
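The browser-side extensions above only help if the website itself also does its part: a session cookie must carry the Secure attribute (so the browser never sends it over plain HTTP), HttpOnly (so page scripts cannot read it) and SameSite, and the site should send a Strict-Transport-Security header so the browser keeps using HTTPS. The following is an added example, not code from this post or from Firesheep, Force-TLS or HTTPS Everywhere: a small Python audit that checks a response's Set-Cookie and Strict-Transport-Security headers for those defenses. The two header sets at the top are constructed samples, not captured from any real site.

```python
"""
Audit HTTP response headers for the weaknesses that make cookie theft over
unencrypted links easy: session cookies without Secure/HttpOnly/SameSite and
a missing or zero-length Strict-Transport-Security (HSTS) policy.
"""

# Constructed sample responses (hypothetical, not from a real server).
WEAK_RESPONSE_HEADERS = [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "sessionid=abc123; Path=/"),
]

HARDENED_RESPONSE_HEADERS = [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "sessionid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"),
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
]


def parse_set_cookie(header_value):
    """Split a Set-Cookie value into (name, value, attributes).

    Attributes are keyed by lowercase name; flag attributes such as
    'Secure' and 'HttpOnly' map to True, valued ones keep their string.
    """
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for attr in parts[1:]:
        if not attr:
            continue
        key, _, val = attr.partition("=")
        attrs[key.strip().lower()] = val.strip() if val else True
    return name.strip(), value.strip(), attrs


def hsts_max_age(header_value):
    """Return the max-age directive of an HSTS header as int, or 0 if absent/invalid."""
    for directive in header_value.split(";"):
        key, _, val = directive.strip().partition("=")
        if key.strip().lower() == "max-age":
            try:
                return int(val.strip())
            except ValueError:
                return 0
    return 0


def audit_response(headers):
    """Return a list of human-readable findings; an empty list means no issues found."""
    findings = []
    saw_hsts = False
    for name, value in headers:
        lname = name.lower()
        if lname == "set-cookie":
            cookie_name, _, attrs = parse_set_cookie(value)
            if "secure" not in attrs:
                findings.append(f"cookie {cookie_name}: missing Secure (sent over plain HTTP too)")
            if "httponly" not in attrs:
                findings.append(f"cookie {cookie_name}: missing HttpOnly (readable by page scripts)")
            if "samesite" not in attrs:
                findings.append(f"cookie {cookie_name}: missing SameSite")
        elif lname == "strict-transport-security":
            saw_hsts = True
            if hsts_max_age(value) <= 0:
                findings.append("HSTS max-age is zero or invalid")
    if not saw_hsts:
        findings.append("no Strict-Transport-Security header (browser may fall back to HTTP)")
    return findings


if __name__ == "__main__":
    for label, headers in (("weak", WEAK_RESPONSE_HEADERS), ("hardened", HARDENED_RESPONSE_HEADERS)):
        print(f"{label}: {audit_response(headers) or 'no findings'}")
```

Running the script reports four findings for the weak sample (no Secure, no HttpOnly, no SameSite, no HSTS) and none for the hardened one. The audit only inspects headers it is given, so it can be pointed at the output of any HTTP client or proxy you already use.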

My personal view of this matter is that in order to protect yourself against such threats you must protect yourself by any means, especially when the solution is just a click or two away. The fact that people show to the masses the issues that Internet users are facing on a day-by-day basis is a wake-up call that can only result in better things in the long run.

More on the subject can be found in the following:

Video course demos Firesheep and some more explanation on the subject: http://cs50.tv/2010/fall/#l=lectures&r=about&v=lectures/8/week8w

References:

http://en.wikipedia.org/wiki/Session_hijacking

http://en.wikipedia.org/wiki/Firesheep

http://codebutler.com/firesheep


About Alexandru

Hi, I am Alexandru, currently in Denmark studying Networking at Lillebaelt as an Erasmus student.
This entry was posted in IT Security, Week 17.
