You need to pass along the CSRF token in the header of the service request.
To retrieve the token, navigate to:
http://www.example.com/?q=services/session/token
Copy the token to your clipboard.
Then in FireFox poster, using the "Headers" tab, add this name and value:
- Name: X-CSRF-Token
- Value: [paste-the-token-value-here]
Now when you make requests, the token will be passed along correctly with FireFox Poster.
Here's a detailed blog post outlining this topic:
http://tylerfrankenstein.com/code/drupal-services-csrf-token-firefox-poster