Posted: Mon Nov 08, 2010 6:30 am Post subject: Anyone know how to protect yourself from Cain and Abel?
If you don't already know, Cain and Abel is a password recovery tool. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks.
Hackers can use this tool from a remote computer on your LAN to see your passwords and what websites you're visiting.
I was wondering if anyone knew anything you could to to prevent, or at least make it harder for them to do this. Thanks
Assuming you are talking about protecting a corporate environment, what you are asking is potentially a huge subject. Some suggestions:
1. Use a fully switched network, i.e. ethernet switches, not hubs. This makes it harder (though not impossible) to sniff traffic.
2. Use network access control to stop unauthenticated devices connecting to the network.
3. Secure your wireless network with WPA2 (WEP, WEP2 and WPA are too weak).
4. Physically secure the site: don't let strangers with laptops in.
5. Use application whitelisting to prevent sniffing software being installed on your own computers.
6. Use application protocols that encrypt passwords, e.g. SSL, TLS, SSH, and not FTP, Telnet, POP3, etc.
Cain and Abel misuse vulnerable network protocols.
Adding to the previous list, make sure group policy security settings are configured correctly.
A network may have the best IDS/IPS, firewall, and antivirus; but issuing SMB, NetBIOS, and LDAP commands to enumerate user accounts in Active Directory is "normal" network behavior that is not usually caught by these devices.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum