O'Reilly logo

Mastering Windows Network Forensics and Investigation, 2nd Edition by Scott Pearson, Ryan Johnson, Steve Bunting, Steven Anson

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Sniffing and Cracking Windows Authentication Exchanges

Although any authentication mechanism can theoretically be compromised, attackers generally focus on the weakest link. While Kerberos authentication exchanges are subject to attack, these are more complicated and thus less likely to be successful in a reasonable period of time than attacks against LanMan or NTLM authentication. Thus, we are going to focus on the weakest member of the group of authentication processes covered thus far.

It is important to understand when authentication happens between two Windows systems. An authentication takes place whenever a process on one system attempts to access a resource on another system. An example would be when a user attempts to map a network drive, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required