Today tutorial is about Create Secure Connection Using SSH and Putty to Prevent Sidejacking. About 2 weeks ago I write about Simple Sidejacking Using Firesheep, and then a few week after that tools reveal, there’s another application called Blacksheep to prevent the Firesheep attack.
When you using Blacksheep, there will be a pop-up appear when someone in your network using the Firesheep, and I think it’s a little annoying because you can do nothing when you know that someone there is watching you and waiting your packet data across the network.
Maybe you can try to create tunneling by using port 22 (Secure Shell). Below I will write the step by step how to tunneling using SSH.
This is my IP Address before tunneling process.
1. You should have an SSH server(googling it), usually when you have web hosting, there’s an optional feature to enable SSH remoting.
2. Download Putty, and then configure it like in the picture below.
3. After you connected to the SSH server, input your username and password.
4. After you successfully log in, leave the SSH Window opened.
5. The next step you should do is configure your browser to communicate using SOCKS. I’m using Mozilla in this case.
6. Open Mozilla Firefox Browser, Click Tools –> Options –> Advanced –> Network –> Settings.
7. Follow the instruction below to configure Firefox to connect through SSH.
Just finish all of the configuration, let’s check our IP address now using http://whatismyipaddress.com. Here’s my IP address now looks like.
Using SSH it’s another way to prevent the local area network eavesdropping or session sidejacking, but our packet data still can be sniffed at the server side(SSH server) because when you use SSH, the topology like this :
One thing you can do to minimize attack is don’t use the "remember me" because it will store and make your session ID become static. Hope this post useful for you 🙂