What they don't tell you is normally in these kinds of programs what
they get first are the low hanging fruit.
Short sucky passwords, LMhashes, if you have weaknesses from the get
go... in my Win2k days when LMhashes were on the wire, LC4/5 could nail
short 7 character passwords in mere seconds.
If your password is of proper length and complexity, you throw out the
9x and NT clients and lose the legacy... you can attempt to brute force
in all you want but good luck.
http://download.microsoft.com/download/a/d/0/ad0f04a3-21b2-4d79-9049-f5fadb632ace/SEC401-JesperJohansson.pdf
And don't tell Tony how Physical security is still an issue as well.