Cain a& Abel Question

From: Pete Jacob (pjacob_at_ftmc.com)
Date: 05/21/03

Next message: Cushing, David: "RE: Cain a& Abel Question"

Previous message: Lluis Mora: "RE: Pen testing a CVS server"
Next in thread: Cushing, David: "RE: Cain a& Abel Question"
Maybe reply: Cushing, David: "RE: Cain a& Abel Question"
Maybe reply: Eliot Mansfield: "RE: Cain a& Abel Question"
Maybe reply: Christopher Harrington: "RE: Cain a& Abel Question"
Maybe reply: Cushing, David: "RE: Cain a& Abel Question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "pen-test@securityfocus.com" <pen-test@securityfocus.com>
Date: 21 May 2003 13:30:09 -0400

Hello!

I was reading thru the list and decided to give Cain & Abel a try...

it is a really powerful tool, I do have a question, I was running it
using the ARP poisoning from one of my test machines to my internet
gateway.. (Cisco 3600 series) I logged into my On-line banking account,
which is an SSL connection, and Cain & Abel picked up my username and
passsword as "Clear text"... I guess I am confused about this...
when I goto the site, it is an SSL site,it appears that the entire
session is SSL, and Cain & Abel is not doing any sort of "Cracking" and
if the software "Cain & Abel" is doing
some sort of sniffing, wouldn't it be encrypted via SSL?

I would like to know how this works... I have work with Apache and SSL,
and am unsure how this is happening...

thanks in advance.

Cheers~

Pete.

---------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies
that are enforced to protect WLANs from known vulnerabilities and threats.
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.

To get your FREE white paper visit us at:
http://www.securityfocus.com/AirDefense-pen-test
----------------------------------------------------------------------------

Next message: Cushing, David: "RE: Cain a& Abel Question"

Previous message: Lluis Mora: "RE: Pen testing a CVS server"
Next in thread: Cushing, David: "RE: Cain a& Abel Question"
Maybe reply: Cushing, David: "RE: Cain a& Abel Question"
Maybe reply: Eliot Mansfield: "RE: Cain a& Abel Question"
Maybe reply: Christopher Harrington: "RE: Cain a& Abel Question"
Maybe reply: Cushing, David: "RE: Cain a& Abel Question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: Cain a& Abel Question
... Subject: Cain a& Abel Question ... Your browser negotiates an SSL connection with C&A. C&A negotiates ... that are enforced to protect WLANs from known vulnerabilities and threats. ...
(Pen-Test)
RE: Cain a& Abel Question
... Subject: Cain a& Abel Question ... What you are seeing is the result of a "man in the middle" style attack rather than a decoding of your SSL connection to the bank. ... implement and enforce WLAN security policies to lockdown enterprise WLANs. ...
(Pen-Test)
RE: Cain a& Abel Question
... What you are seeing is the result of a "man in the middle" style attack rather than a decoding of your SSL connection to the bank. ... > I was reading thru the list and decided to give Cain & Abel a try... ...
(Pen-Test)
Re: The Borrowings of the Koran
... Here's the conclusion from "On The Sources Of The Story Of Cain & Abel ... to have been borrowed from Jewish sources like the Targum ... "It is not said here blood in the singular, but blood in the plural, ...
(soc.religion.islam)
Re: OT: In the Begining
... Cain turned the tape of, informing Abel of the hose ... Abel wanted Adam to go and get more cleaner as ...
(uk.politics.misc)