Which of the following is a Unix and Windows tool capable of intercepting traffic on a network
segment and capturing username and password?
A.
AirSnort
B.
Ettercap
C.
BackTrack
D.
Aircrack
Explanation:
Ettercap is a Unix and Windows tool for computer network protocol analysis and security auditing.
It is capable of intercepting traffic on a network segment, capturing passwords, and conducting
active eavesdropping against a number of common protocols. It is a free open source software.
Ettercap supports active and passive dissection of many protocols (including ciphered ones) and
provides many features for network and host analysis.
Answer option C is incorrect. BackTrack is a Linux distribution distributed as a Live CD, which is
used for penetration testing. It allows users to include customizable scripts, additional tools and
configurable kernels in personalized distributions. It contains various tools, such as Metasploit
integration, RFMON injection capable wireless drivers, kismet, autoscan-network (network
discovering and managing application), nmap, ettercap, wireshark (formerly known as Ethereal).
Answer option A is incorrect. AirSnort is a Linux-based WLAN WEP cracking tool that recovers
encryption keys. AirSnort operates by passively monitoring transmissions. It uses Ciphertext Only
Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys. Answer
option D is incorrect. Aircrack is the fastest WEP/WPA cracking tool used for 802.11a/b/g WEP
and WPA cracking.