Cain & Able

Cain & Able Is a great Windows tool to play with as a Penetration Tester. So being a windows guy and new to the Penetration testing position I figured I should play with it a little. So I started out loading this on my laptop that is connected to my home network that is Dual boot Windows XP and Ubuntu. Started up Cain & Able to see what can be done... The first thing I realized is I need to turn off any anti-Virus Software loaded on the machine. So instead I just uninstalled it. (what is the sence of having AV when everything I load on there flags up as a virus.) So I let Cain & Able connect to the network and started a Network Discovery... Surprisingly enough it found everything... Okay I wasn't to surprised at that fact. The next thing I did was wanted to see what I could do with Sniffing though Cain and Able. Sure enough I started sniffing and did a little Arp Poinsoning on my other laptop and my Daughters Desktop. How did it work... Well lets see with out doing more that a few clicks i was able to retrieve almost every password of every website that me and my daughter went to. So My thoughts on this: It is easy for people to get your information with the right tool especially on the same network as you. When you see the Certificate Warning come up in Windows and it say's "Microsoft recomends closing" do what they recomend It could be worth your Life Savings, or Identity... I can't wait to learn more about this Job it is so much fun...