sniffing network

[anban]

When I am working in netowrk, how do they find my password. Is there any way they can sniff my password in windows network?

I use winxp sp2, NTLM authentication enabled. Even is they sniff will they be able to decript the password.

please clarify my doubts.

[phishphreek]

Yes, it is possible to sniff and crack your password. There are plenty of tools out there to do this.

LC5: http://www.atstake.com/products/lc/

Cain and Abel: http://www.oxid.it/

KerbCrack: http://ntsecurity.nu/toolbox/kerbcrack/

They are just a few of the many that can break your password after captured.

[anban]

Wonderful.

Thank you, I have tried LC5, Kerbcrack & Kerbsniff. I will try cain&able.

LC5 has the ability to sniff SMB if the network is broadcast network, it dose not work if it is switched network. I dont think Kerbcrack & Kerbsniff can be used to sniff all kinds of authentication e.g., ssl, https, ftp etc.,

But going through the description of Cain&able it seems it has wider applicablity than the other two applications. Let me try out.

Any way thank you very much.

[phishphreek]

You can use those sniffers on a switched lan. You just have to use something like ettercap before to flood the arp tables. While using ettercap, you can use the other programs to sniff too.

[Riot]

Why dont you just ethereal and sniff all the packets going in and our of the network you can fiter by mac address if you only want a sertin node.

[gess~da~devil]

If want to get a really good sniffer, get Ethereal here at http://www.ethereal.com/download.html.

[FanacooL]

You can also try IRIS . I like the GUI interface of the software.

[anban]

Thank you all.
I will try all you said.