Firesheep

Why Trust Techopedia

What Does Firesheep Mean?

Firesheep is a Mozilla Firefox extension that uses packet sniffing to hijack unsecured Wi-Fi network sessions and capture unencrypted website cookies during network data transmission.

Advertisements

Firesheep was created by software developer Eric Butler and released in 2010 to prove the security risks associated with a number of popular websites, including Facebook and Twitter. The software served to highlight a major Web browsing security flaw that could expose users to malicious hackers. Of course, its capabilities were also useful to hackers, leading to some public concern about the software.

Techopedia Explains Firesheep

Most websites require user credentials, such as username and password, for authentication. After verification, website servers respond with unencrypted cookies for subsequent browser requests, which enables easy hijacking – especially in open Wi-Fi hot spot locations.

Firesheep essentially analyzed unencrypted Web traffic between a Wi-Fi router and the computers on the same network. As a Web browser exchanges cookie information with a website, Firesheep is able to snag session cookies, which could provide unrestricted access to a user’s email, Facebook or Amazon account.

Although many websites have since switched to SSL connections, public Wi-Fi still presents security risks to users. Best practices should be used.

Advertisements

Related Terms

Margaret Rouse
Technology Expert
Margaret Rouse
Technology Expert

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.