Anyone know how to protect yourself from Cain and Abel?

Networking/Security Forums -> General Security Discussion

Author: juicyjay PostPosted: Mon Nov 08, 2010 6:30 am    Post subject: Anyone know how to protect yourself from Cain and Abel?
    ----
If you don't already know, Cain and Abel is a password recovery tool. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks.

Hackers can use this tool from a remote computer on your LAN to see your passwords and what websites you're visiting.

I was wondering if anyone knew anything you could to to prevent, or at least make it harder for them to do this. Thanks

Author: Dezaxa PostPosted: Mon Nov 08, 2010 3:01 pm    Post subject:
    ----
Assuming you are talking about protecting a corporate environment, what you are asking is potentially a huge subject. Some suggestions:

1. Use a fully switched network, i.e. ethernet switches, not hubs. This makes it harder (though not impossible) to sniff traffic.
2. Use network access control to stop unauthenticated devices connecting to the network.
3. Secure your wireless network with WPA2 (WEP, WEP2 and WPA are too weak).
4. Physically secure the site: don't let strangers with laptops in.
5. Use application whitelisting to prevent sniffing software being installed on your own computers.
6. Use application protocols that encrypt passwords, e.g. SSL, TLS, SSH, and not FTP, Telnet, POP3, etc.

Author: CoreDefendLocation: USA PostPosted: Tue Nov 09, 2010 5:33 pm    Post subject:
    ----
Cain and Abel misuse vulnerable network protocols.

Adding to the previous list, make sure group policy security settings are configured correctly.

A network may have the best IDS/IPS, firewall, and antivirus; but issuing SMB, NetBIOS, and LDAP commands to enumerate user accounts in Active Directory is "normal" network behavior that is not usually caught by these devices.



Networking/Security Forums -> General Security Discussion


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group