HTTP cookie: Difference between revisions

m Reverted edits by 2602:306:3426:8280:0:0:0:49 (talk): Unexplained removal of content (HG) (3.1.18)
No edit summary
Tags: Visual edit Mobile edit Mobile web edit
Line 252:
===Network eavesdropping===
[[File:Cookie-sniffing.svg|thumb|A cookie can be stolen by another computer that is allowed reading from the network]]
Traffic on a network can be intercepted and read by computers on the network other than the sender and receiver (particularly over [[plaintext|unencrypted]] open [[Wi-Fi]]). This traffic includes cookies sent on ordinary unencrypted [[HTTP]] sessions. Where network traffic is not encrypted, attackers can therefore read the communications of other users on the network, including HTTP cookies as well as the entire contents of the conversations, for the purpose of a [[man-in-the-middle attack]].
 
An attacker could use intercepted cookies to impersonate a user and perform a malicious task, such as transferring money out of the victim’s bank account.
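Review bot: In the first paragraph under "Network eavesdropping", the closing clause "for the purpose of a [[man-in-the-middle attack]]" presents passive reading of unencrypted traffic as a man-in-the-middle attack, a term that normally means an attacker actively relaying or altering traffic between the two parties. Suggest dropping the clause, or rewording it so that sniffing is described as eavesdropping and man-in-the-middle as a separate, active case. As a style point, the image caption "allowed reading from the network" would read better as "able to read from the network". The newer revision carries no edit summary, so a short summary naming what changed in this section would help later reviewers.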