Lab 7: Password Cracking Tools

  1. Discuss how to use Cain & Abel to initiate a brute force attack.

From within the Cain & Abel window, select the user you wish to attack, right-click and select Brute force attack. Then make sure to select NTLM hashes. You will need to select the password length and decide whether you are going to use the Custom or Predefined tab.

Finally click start and wait for the result.

What does NTLM hash mean?

NT LAN Manager, which is a Windows authentication protocol (Sanders, 2010).

  2. Discuss the problems with using the brute force attack and compare and contrast with another password attack.

Based on the experience from the Cain & Abel lab, brute force attacks can take a long time to complete (days, months or even years). Because you can change the password length setting, you can extend the time taken to complete the task.

What is a Rainbow table?

A rainbow table is a collection of passwords that have been converted into hashes; each hash looks like a selection of random letters and numbers. Once a password has been hashed it cannot be converted back into plain text.

A rainbow table attack works by performing the cryptanalysis extremely fast. To defend against a rainbow table attack you can use the “salt” technique, which is random data passed into the hash along with the password. Adding random data to the plain text before it is hashed ensures that each hash is unique, making it impossible to use a predetermined rainbow table.

Compared to a brute force attack that tries to guess each character from words in a dictionary a Rainbow table attack.(geeksforgeeks, 2018)
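The salting defence described above, as an added example that is not part of the original lab write-up. It uses a plain precomputed hash-to-password lookup as a simplified stand-in for a real chain-based rainbow table; the wordlist is constructed, and SHA-256 and PBKDF2 are assumptions chosen for the demonstration.

```python
import hashlib
import hmac
import os

# Constructed sample wordlist (assumption; stands in for a large password list).
WORDLIST = ["password", "letmein", "summer2018", "qwerty"]

def unsalted_hash(password: str) -> str:
    """Fast unsalted hash; SHA-256 stands in for any unsalted scheme."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

def build_lookup(words):
    """Precompute hash -> password once; reusable against every unsalted hash."""
    return {unsalted_hash(w): w for w in words}

def salted_hash(password: str, salt: bytes = None, iterations: int = 100_000):
    """Per-user random salt plus PBKDF2; returns (salt, derived_key)."""
    if salt is None:
        salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, key

def verify(password: str, salt: bytes, expected: bytes, iterations: int = 100_000) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, key = salted_hash(password, salt, iterations)
    return hmac.compare_digest(key, expected)

def demo():
    table = build_lookup(WORDLIST)
    # Unsalted: two users with the same password store the same hash,
    # and the precomputed table resolves it with one dictionary lookup.
    alice_unsalted = unsalted_hash("summer2018")
    bob_unsalted = unsalted_hash("summer2018")
    recovered = table.get(alice_unsalted)
    # Salted: same password, different salts, different stored values.
    alice_salt, alice_key = salted_hash("summer2018")
    bob_salt, bob_key = salted_hash("summer2018")
    return {
        "unsalted_identical": alice_unsalted == bob_unsalted,
        "unsalted_recovered": recovered,
        "salted_identical": alice_key == bob_key,
        "salted_in_table": alice_key.hex() in table,
        "login_ok": verify("summer2018", alice_salt, alice_key),
        "login_bad": verify("letmein", alice_salt, alice_key),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The salt is stored next to the hash; it does not need to be secret, it only needs to differ per user so that one precomputed table cannot cover every account.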

Bibliography

geeksforgeeks. (2018, June 10). Understanding Rainbow Table Attack. Retrieved from geeksforgeeks: https://www.geeksforgeeks.org/understanding-rainbow-table-attack/

Sanders, C. (2010, January 20). Retrieved from techgenix: http://techgenix.com/how-cracked-windows-password-part1/
