Firesheep is a Firefox extension that basically allows anyone you are sharing a wireless network with to discover and access certain online sessions that you are logged into. Many sites encrypt information only for your initial log in; once you successfully log in, the server (that hosts the website you are accessing) sends your browser a cookie granting you access. Once you are logged in, the site reverts back to an unencrypted transmission. Firesheep allows other users to access someone else’s cookies and enter websites using that login information.
To effectively combat Firesheep, you can download one of several plug-ins for Firefox that will force a webpage to use a secure web connection. However, in order for this work, the website must support full end-to-end encryption (either as HTTPS or SSL). For more information and to learn how to install one of these plug-ins, visit the University Information Security Office page.Tags: Browsers, firefox, Security