UGN Security
Posted By: cat stolen cookies - 09/08/06 11:36 AM
I have reason to believe that someone has stolen my cookies and now i have some questions.

Is it possible that someone could place a cookie grabber on say the main menu of a forum and then get all my cookies?

Could those cookies then be used to show that person what web sites i visit, and be used to track my activity online?

Could the person who stole cookies then gain access using my username and password and cookies to other web sites?

If they can get access is deleting cookies and changing my password enough to stop them from accessing it again or will the old cookie still work?

Is there some other way they could access anothe rsite i use and get information about who is there and ip addresses?

Some web sites won't work if cookies are not allowed. How to i protect myself from cookie grabbers when cookies are essential and convenient?

I use adaware, anti virus software and a firewall, is there anything else i should be using to prevent security breaches?
Posted By: Ghost Re: stolen cookies - 09/08/06 08:32 PM
Cookies are basically a text file stored on your computer. The data they contain is sent to webservers that the cookie says it should be sent to. The way browsers and cookies work, only the cookies for a certain website will be sent to that website. If someone used some sort of cookie stealer to steal cookies, those cookies would be for the domain in question. So, in short, just visiting a page, unless the browser itself is vulnerable (like Internet Explorer), will not reveal cookie data and browsing history. For a site where your cookies were stolen, yes, changing the password for the account will usually prevent the cookies from being used to acess your account.

It's not your resonsibility to protect yourself from cookie stealers as long as you use up-to-date browsers, such as Firefox. If your cookies are stolen, it's because the site or server itself is insecure.
Posted By: cat Re: stolen cookies - 09/08/06 10:50 PM
thank you smile

but if it wasnt cookies i have more questions im afraid.

say someone (an admin) from one forum claims to be able to tell who is logged in when on another forum ,completly unrealted to her server and not the dame type of bb, and completely private forum that she has no acccess to, and claims to have ip logs proving you were logged into both sites at the same time, and has tracked your movement between both sites. is that possible somehow? how would i stop her from doing the same thing again?
Posted By: Ghost Re: stolen cookies - 09/08/06 11:18 PM
Well, the only way they would be able to do that is if you were infected with some sort of malware, which might be possible, though unlikely. The other possibility is that this person has some sort of access to the server though subversive means. And, it's (almost) always possible to tell where you were right before coming to another site by way of the "referer" header, which has many legitimate and useful purposes.

Though, from what I can gather, it sounds like this person is just trying to scare you, in some sort of attempt to extort you or otherwise gain something. Considering your reaction, it seems to be working. You might try stepping back and thinking about the possibility of being socially engineered.
Posted By: cat Re: stolen cookies - 09/08/06 11:51 PM
i am sure she is just trying to scare me. and i am playing right into her hands by being worried. althougb unless she happens to read here she has no idea just how concerned her claims made me.

would the referrer header show if her site was opened in a new tab from a bookmark? what about if in a new window or would it have to be a new browser?

sorry i know im probably being really annoying but it is driving me crazy trying to figure it out lol
Posted By: Ghost Re: stolen cookies - 09/09/06 12:29 AM
I don't know whether or not you could tell the refering site if it was opened in a new tab, though I doubt it. You might try disabling the referer information sent to that site, which you can learn how to do in your browser documentation.
Posted By: cat Re: stolen cookies - 09/09/06 12:38 AM
i found a firefox extension to do that, so have that set up now.

thanks for all your help ghost.
Posted By: Artic Warrior Re: stolen cookies - 10/08/06 06:41 PM
Ghost is cool like that, I wonder if he remembers helping me with the router login.
© UGN Security Forum