Security Basics mailing list archives

Re: Network Mapping

From: "Nikhil Wagholikar" <visitnikhil () gmail com>
Date: Thu, 11 Sep 2008 11:48:33 +0530

Hello s0h0us,

The username password values flow over a Microsoft Windows based
network in hashed format (either LM, NTLM or NTLMv2). You can verify
this by using Wireshark tool.

More information about NTLM Authentication protocol, you can refer to
this article:
http://davenport.sourceforge.net/ntlm.html

More information about Wireshark tool:
http://www.wireshark.org/docs/

Best of Luck !!

---
Nikhil Wagholikar
Practice Lead | Security Assessment and Digital Forensics
NII Consulting
Web: http://www.niiconsulting.com/
Security Products: http://www.niiconsulting.com/products.html


On Wed, Sep 10, 2008 at 8:49 PM,  <s0h0us () yahoo com> wrote:

are passwords use in a net use command encrypted?
i'm writing a script to map a drive (to a windows 2003 server) in the background, passing username and password 
parameters,i just wasn't sure if the password could get pickup in clear text using a sniffer.
thanks for your feedback

Current thread:

Network Mapping s0h0us (Sep 10)
- RE: Network Mapping Murda Mcloud (Sep 11)
- Re: Network Mapping Kurt Buff (Sep 11)
- Re: Network Mapping Nikhil Wagholikar (Sep 11)