BlackSheep add-on combats Firesheep session hijacking tool


November 8, 2010

BlackSheep keeps an eye out for nefarious session hijackers using Firesheep (Image: Tanel Teemusk via Flickr)


Last month Seattle programmer Eric Butler exposed the weaknesses of open Wi-Fi networks with his Firesheep add-on for Firefox. The program intercepts browser cookies to identify users and allows anyone running it to log into sites such as Facebook and Twitter as the legitimate user. While Butler wanted to encourage the use of HTTPS to combat such vulnerabilities, users can now combat Firesheep with another Firefox add-on – BlackSheep.

Developed by researchers at Zscaler, BlackSheep works by continually dropping "fake" session ID information onto the wire and then monitoring traffic to see whether another IP address re-submits that same information, which would mean it has been hijacked. If it detects the presence of Firesheep on the network, it alerts the user with a warning and the IP address of the person using it so they can log off and seek out more secure surroundings.
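The detection idea described above, sketched as an added example (not BlackSheep's own code): a monitor hands out decoy session values and flags any other source IP that replays one. The class and function names, the `session` cookie name, the hosts and the sample traffic are all constructed for illustration.

```python
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:              # one observed HTTP request (constructed model)
    src_ip: str
    host: str
    cookie: str             # raw Cookie header value

def parse_cookies(header):
    """Split a Cookie header into a {name: value} dict."""
    pairs = (p.strip().partition("=") for p in header.split(";"))
    return {name: value for name, sep, value in pairs if sep}

class DecoyMonitor:
    def __init__(self, own_ip):
        self.own_ip = own_ip
        self.decoys = {}    # decoy session value -> host it was sent to

    def new_decoy(self, host):
        """Create a random fake session ID that no real login ever used."""
        value = secrets.token_hex(16)
        self.decoys[value] = host
        return value

    def inspect(self, req):
        """Return an alert if another IP re-submits one of our decoys."""
        if req.src_ip == self.own_ip:
            return None     # our own decoy request going out on the wire
        for value in parse_cookies(req.cookie).values():
            if value in self.decoys:
                return {"hijacker_ip": req.src_ip, "host": self.decoys[value]}
        return None

def scan(monitor, requests):
    return [a for a in map(monitor.inspect, requests) if a]

def demo():
    mon = DecoyMonitor(own_ip="192.0.2.10")
    decoy = mon.new_decoy("site.example")
    traffic = [             # constructed sample traffic
        Request("192.0.2.10", "site.example", f"session={decoy}"),
        Request("192.0.2.20", "site.example", "session=someone-elses-real-id"),
        Request("192.0.2.66", "site.example", f"lang=en; session={decoy}"),
    ]
    return scan(mon, traffic)

if __name__ == "__main__":
    print(demo())
```

Because the decoy value is random and never tied to a real login, the only way another address can present it is by having captured it from the network, so a match carries very little false-positive risk.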

Because BlackSheep shares much of the same code base as Firesheep, the two add-ons cannot be installed on the same Firefox instance. If users want to run both on the same machine they will need to install them in different Firefox profiles.

The BlackSheep add-on is available as a free download for Mac OS X and Windows XP or later systems from Zscaler.

About the Author
Darren Quick: Darren's love of technology started in primary school with a Nintendo Game & Watch Donkey Kong (still functioning) and a Commodore VIC 20 computer (not still functioning). In high school he upgraded to a 286 PC, and he's been following Moore's law ever since. This love of technology continued through a number of university courses and crappy jobs until 2008, when his interests found a home at Gizmag.