• +
How to Delete Browser Cookies Cache and History

How to Delete Browser Cookies Cache and History

Bookmark

The Following tips and trick How to Delete Browser Cookies Cache and History is a simple tips and trick to secure your browsing experience.

Maybe a few people a little bit confused when they are hearing about how to prevent attack from session sidejacking, because session sidejacking cannot be anticipated in a usual way. The prevention should come from the developer or from network administrator. But for end user like me, we can do something useful to minimalize the attack to us(but not prevent it!) by cleaning our browser cookies, cache and history. But one thing you should understand, that when we clean our browser cache, doesn't mean we're already finish and no one can hijack our session, because the server still put our session cookies information. Let me draw the process below.

How to Delete Browser Cookies Cache and History

The Process How to Delete Browser Cookies Cache and History:

1. User send username and password over unencrypted network, and cracker read all the packets data across the network.

2. Server authenticate the user and judge whether the user is valid or not. If the user is valid, the server will give one unique session ID to the user.

3. The session ID will be stored on user computer(in browser) and valid until the user log out from the server, or the session ID will expire until the time determined by the server. That's why if you're inside a public network(usually hotspot), don't use the "remember me" feature from the web application, because it will make your session ID become static.

Why by deleting browser cookies, cache and history doesn't guarantee I'm free from session sidejacking attack?

To understand this, maybe you can see the figure below.

How to Delete Browser Cookies Cache and History

The Process(this happen when the user click "remember me" option) :

1. User delete the browser cookies, cache and history, but he/she forget to contact the server that he already quit. The session cookies will be deleted and cleared in user computer, but not in the server.

2. Attacker still can use the session ID to act as a valid user.

It doesn't mean that when you clear your browser cache or history means that you're safe, it's not yet…but you've already do the right things, and still didn't finish it yet. Below is the step by step how to clear the browser cache in Mozilla Firefox(I really love Firefox 🙂 )

1. Click Tools –> Clear Recent History

How to Delete Browser Cookies Cache and History

 

2. You can choose which time range you want to clear, and which data you want to clear.

How to Delete Browser Cookies Cache and History

But if your computer is a personal computer and it's used by a lot of user(family computer), maybe you can try to manage your computer to always clear all of the cookies, history and cache everytime you closed the Firefox.

1. Click Tools –> Options

How to Delete Browser Cookies Cache and History

2. In the Privacy tab, you can choose "Never Remember History" if you're in a public computer, but if you're in a private computer, this option can make all of the web application asks your login information each time you visit the website. :p

How to Delete Browser Cookies Cache and History

I hope this tips and trick can make you clear about the session ID in your computer or in the server side.

Share this article if you found this post was useful:

Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

See all posts by || Visit Website : http://www.vishnuvalentino.com