Last month we highlighted Firesheep, a new Firefox extension designed to sniff out weak security and hijack web site credentials on open Wi-Fi networks. BlackSheep is an anti-Firesheep tool, designed to alert you whenever Firesheep is active on your local network.
Zscaler, a company specializing in security measures for cloud-based computing services, created Blacksheep to counteract Firesheep session hijacking. Once installed Blacksheep broadcasts fake credentials to essentially fish for Firesheep installations on the network.
When one is detected it displays the alert seen in the screen capture above. The configuration of Blacksheep is dead simple; by default it goes fishing every 5 minutes but you can adjust it down to 1 minute. Blacksheep is a free tool and works wherever Firefox does.
Send an email to Jason Fitzpatrick, the author of this post, at firstname.lastname@example.org.
Your version of Internet Explorer is not supported. Please upgrade to the most recent version in order to view comments.
Okay… but then what do you suggest if you encounter someone using it? Don’t get on the internet then? If I only go to HTTPS sites, is that good enough to stay on the internet with someone using Firesheep?
I see the reason for fear here, but as an IT professional myself, if you really want very secure browsing,
STOP USING PUBLIC WI-FI. Period.
If that’s not an option, you need to invest some time into creating your own SSH Tunnel via Proxy or figure out how to make everyone around you be outstanding examples of ethical behavior as long as you are connected to the hot-spot.PrairieMoon promoted this comment
If you are using Firefox and NoScript addon, please mark lifehacker.com as trusted.