Mitigating the 'firesheep' attack at the network layer?

Posted by pobk on Server Fault See other posts from Server Fault or by pobk
Published on 2010-10-25T17:37:15Z Indexed on 2011/01/07 15:55 UTC
Read the original article Hit count: 217

Filed under:
|
|
|

What are the sysadmin's thoughts on mitigating the 'firesheep' attack for servers they manage?

Firesheep is a new firefox extension that allows anyone who installs it to sidejack session it can discover. It does it's discovery by sniffing packets on the network and looking for session cookies from known sites. It is relatively easy to write plugins for the extension to listen for cookies from additional sites.

From a systems/network perspective, we've discussed the possibility of encrypting the whole site, but this introduces additional load on servers and screws with site-indexing, assets and general performance.

One option we've investigated is to use our firewalls to do SSL Offload, but as I mentioned earlier, this would require all of the site to be encrypted.

What's the general thoughts on protecting against this attack vector?

I've asked a similar question on StackOverflow, however, it would be interesting to see what the systems engineers thought.

© Server Fault or respective owner

Related posts about security

Related posts about web-apps