Security Basics mailing list archives

LM and NTLM Hashes


From: Flavio Braga <flaviobs () uol com br>
Date: Tue, 06 Sep 2005 13:56:06 -0300

Hi all!

I have a question about LM and NTLM hashes. Hope someone will have something to say.

Sorry about my ignorance. I was testing Cain & Abel in my network. I did run the sniffer for some time, and so I sent the captured packets to the cracker. Some documentation says that LM and NTLM hashes have 16 bytes. But only a few packets have identified 16-byte-long hashes. The program lists all the other packets with 24-byte-long hashes in the same columns as LM & NTLM.

My question is: what kind of hashes are they? And another one: does it mean that LM & NTLM are not the only way to authenticate users? We don't have Kerberos in the network. I saw that POP3 clients send passwords in text mode. Is there any way to protect passwords from email clients? Or do the users have to access emails from webmail?

Thank you for any help.

Flavio

