Task 3.8: Attacking Authentication with Firesheep
While cryptography may not be something that every Security+ certified professional dreams about, you must understand the protection that cryptographic controls provide and how they can be used to secure assets and control access. Many websites use weak encryption or none at all. This task will examine one of the methods used to bypass authentication.
This task will examine one method to attack authentication and perform a sidejacking attack with Firesheep. Sidejacking is possible as many websites only initially use encryption to gain access to an account. Once established, access is maintained by means of a cookie. Cookies are used to validate users to Facebook, Twitter, and other sites through ...
Get Security Administrator Street Smarts: A Real World Guide to CompTIA Security+™ Skills, Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
