BlackSheep
BlackSheep is a Firefox add-on which warns users if someone is using Firesheep on their network. It also indicates the IP address of the machine that is spying on you.
Cost / License
- Free
- Proprietary
Platforms
- Mac
- Windows
- Linux
- Firefox
BlackSheep
Features
Tags
- firesheep
- Session
- prevention
- spying
- defense
- hijack
- Firefox Extension
BlackSheep News & Activities
Recent activities
BlackSheep information
Developed by
Zscaler Licensing
Proprietary and Free product.Alternatives
0 alternatives listedSupported Languages
- English
What is BlackSheep?
BlackSheep is a Firefox add-on which warns users if someone is using Firesheep on their network. It also indicates the IP address of the machine that is spying on you.
To understand how BlackSheep works, we first need to understand the details of FireSheep. FireSheep listens to the HTTP traffic on port 80. When it identifies a transaction to a known site (Facebook, Google, Yahoo!, etc.), it looks for specific cookie values which are then used to identify a specific user. This phase of the attack cannot be detected as it is done passively.
When FireSheep identifies a user session, it then makes a request to the same site using the user's cookie values in order to retrieve user information such as their name, picture, etc. This active network activity is however visible to others on the local network.
BlackSheep detects the active connection made by Firesheep. It does this by making HTTP requests to random sites handled by FireSheep every 5 minutes (configurable) with fake values. BlackSheep then listens to all HTTP requests on the network to detect if somebody else is using the same fake values.