Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 01 Sep 2014, 18:11
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Wifi and Browser vulnerability using hot spots???
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [2 Posts]  
Author Message
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Fri 03 Jun 2011, 13:04    Post subject:  Wifi and Browser vulnerability using hot spots???  

I am too technically challenged to get the text but maybe somebody here can explain how it works and how to secure oneself if that is possible?

FaceNiff app for Android puts Facebook hacking in the palm of your hand (and we tell you how to avoid it)
http://www.gizmag.com/faceniff-session-hijacking-android-app/18786/

Quote:
FaceNiff is a new Android app that can be used to hijack sessions on public or private Wi-Fi networks without needing to lug around a laptop.

FaceNiff currently "supports" Facebook, Twitter, YouTube, Amazon and Nasza-Klasa (a Polish social network), though more services are promised. Thankfully, the app only works on a select few handsets and requires jailbreaking, so it's not a complete free-for-all just yet.

Regardless of exactly how many people are using these tools, you should be protecting yourself - waiting until you get hacked could be incredibly embarrassing or even costly. Facebook and Twitter both allow you to enable secure HTTP sessions as default, which renders tools like these useless.


Firesheep session hijacking tool makes public Wi-Fi useless
http://www.gizmag.com/firesheep-http-hijacking-tool/16726/
Quote:

In a post on his site Butler describes how Firesheep works. Once installed, Firesheep displays a sidebar with a “Start Capturing” button. All the user needs to do is connect to an open Wi-Fi network, click the button and as soon as anyone on the network visits an insecure site known to Firesheep, the program captures the cookie that contains their log in details and their name and photo will be displayed in the sidebar. Double click on the displayed user and you’ll be logged in as them and able to wreak all kinds of havoc.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
vickyg2003


Joined: 29 Apr 2011
Posts: 64

PostPosted: Fri 03 Jun 2011, 14:48    Post subject:  

Unsecured wifi is very suseptible to being hacked. The vulnerability comes with the way credentials are handled. There are a couple types of hacks that can happen. The biggest vulnerablility is when you move from https to http and back.

When you enter login information, you should be in a https, while you are logged in, you should stay in an https site. You should log out.

So avoid doing business on unsecured wifi. If you must, if you can use a VPN. If not avoid any sites that move you from https to http or http to https automatically. If you have an HTTPS option for your bookmarks, use them.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [2 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0489s ][ Queries: 12 (0.0108s) ][ GZIP on ]