shivam99aa
Disciple
a lot of my friends have been talking about cookie stealing.Can anybody tell me what cookie stealing is,how can i do it and how to safegaurd myself from this.
Security Software cookie stealing
- Thread starter shivam99aa
- Start date
~BSOD~
Disciple
Its actually a type of man in a middle attack or session hijacking or you can say side-jacking. According to wikipeedia and in short we can explain it like :
it is a attack where the attacker uses packet sniffing to read network traffic between two parties to steal the session cookie. Many web sites use SSL encryption for login pages to prevent attackers from seeing the password, but do not use encryption for the rest of the site once authenticated. This allows attackers that can read the network traffic to intercept all the data that is submitted to the server or web pages viewed by the client. Since this data includes the session cookie, it allows him to impersonate the victim, even if the password itself is not compromised. Unsecured Wi-Fi hotspots are particularly vulnerable, as anyone sharing the network will generally be able to read most of the web traffic between other nodes and the access point.
For its protection all i can say without going too deep in this is by using a IDS enabled firewall which can support ARp cache protection. Encryption(which can be done by the server side) and NEVER forget to log-off from any active session after completing it.
Even after this you want to know something more you can ask forward.
it is a attack where the attacker uses packet sniffing to read network traffic between two parties to steal the session cookie. Many web sites use SSL encryption for login pages to prevent attackers from seeing the password, but do not use encryption for the rest of the site once authenticated. This allows attackers that can read the network traffic to intercept all the data that is submitted to the server or web pages viewed by the client. Since this data includes the session cookie, it allows him to impersonate the victim, even if the password itself is not compromised. Unsecured Wi-Fi hotspots are particularly vulnerable, as anyone sharing the network will generally be able to read most of the web traffic between other nodes and the access point.
For its protection all i can say without going too deep in this is by using a IDS enabled firewall which can support ARp cache protection. Encryption(which can be done by the server side) and NEVER forget to log-off from any active session after completing it.
Even after this you want to know something more you can ask forward.
blr_p
Level N
Thing with this is it requires the server you communicate with to be able to decrypt your transmission. So if you were working in a VPN environment all your communications to the VPN server would be ok.~BSOD~ said:
The problem is when you are just using the internet without any VPN, a regular browser at home. No server to decrypt on the other end is there. What are your options then ?
You could use an ssh tunnel to a terminal, your comms would be encrypted all the way through but the response would be much slower so it isn't something you could use unless you're on a fast connection 500kbs and upwards. Even then it might stil be laggy.
A wired connection is safer than a wireless ones relatively spekaing. Harder for an intruder to insert themselves into but not impossible. Cable wallahs cables go through the trees but then there are telltale signs of where the tap occurred.
A cellphone connection could also be sniffed if you had a detector but thats harder.
The Wi-Fi would be the easiest one requiring very little to spy on, assuming the operator isn't very clued into securing his network. This is something that needs to be taken seriously as if anyone does anything illegal here the owner bears the brunt and has to face the difficult task of proving it was not them that committed the act. You prolly would get off but not without unnecessary hassles.
Thing that i've wondered about with cookies is what can the websites you vist do with them. Is there anyway they can tell which other sites you have visited or does the site specific cookie limit them to only what you do on their website.
~BSOD~
Disciple
Well, well said. I appreciate your effort for introducing VPN here, but i actually wanted just to convey this in a layman conclusion. As far as your doubts in the end, i can try to solve them but wouldn't it be too late to dig a old dated topic. I mean i am comfortable with this to explain here, but if you want so or any other member may not have any objection to dig this topic out. 