Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 06 Mar 2014, 23:20
All times are UTC - 4

 Forum index » Off-Topic Area » Security
Wifi and Browser vulnerability using hot spots???
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
nooby

Joined: 29 Jun 2008
Posts: 10204
Location: SwedenEurope
PostPosted: Fri 03 Jun 2011, 13:04    Post_subject:  Wifi and Browser vulnerability using hot spots???  
I am too technically challenged to get the text but maybe somebody here can explain how it works and how to secure oneself if that is possible?

FaceNiff app for Android puts Facebook hacking in the palm of your hand (and we tell you how to avoid it)
http://www.gizmag.com/faceniff-session-hijacking-android-app/18786/

Quote:
FaceNiff is a new Android app that can be used to hijack sessions on public or private Wi-Fi networks without needing to lug around a laptop.

FaceNiff currently "supports" Facebook, Twitter, YouTube, Amazon and Nasza-Klasa (a Polish social network), though more services are promised. Thankfully, the app only works on a select few handsets and requires jailbreaking, so it's not a complete free-for-all just yet.

Regardless of exactly how many people are using these tools, you should be protecting yourself - waiting until you get hacked could be incredibly embarrassing or even costly. Facebook and Twitter both allow you to enable secure HTTP sessions as default, which renders tools like these useless.


Firesheep session hijacking tool makes public Wi-Fi useless
http://www.gizmag.com/firesheep-http-hijacking-tool/16726/
Quote:

In a post on his site Butler describes how Firesheep works. Once installed, Firesheep displays a sidebar with a “Start Capturing” button. All the user needs to do is connect to an open Wi-Fi network, click the button and as soon as anyone on the network visits an insecure site known to Firesheep, the program captures the cookie that contains their log in details and their name and photo will be displayed in the sidebar. Double click on the displayed user and you’ll be logged in as them and able to wreak all kinds of havoc.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
vickyg2003


Joined: 29 Apr 2011
Posts: 64
PostPosted: Fri 03 Jun 2011, 14:48    Post_subject:  
Unsecured wifi is very suseptible to being hacked. The vulnerability comes with the way credentials are handled. There are a couple types of hacks that can happen. The biggest vulnerablility is when you move from https to http and back.

When you enter login information, you should be in a https, while you are logged in, you should stay in an https site. You should log out.

So avoid doing business on unsecured wifi. If you must, if you can use a VPN. If not avoid any sites that move you from https to http or http to https automatically. If you have an HTTPS option for your bookmarks, use them.
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Off-Topic Area » Security
Jump to:  


Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

[ Time: 0.0402s ][ Queries: 11 (0.0063s) ][ GZIP on ]