IBM has a very informative web page about password cracking
The techniques included Spoofing, Smurfing and DoS
A. Methods:
Dumpster Diving: Attackers go through rubbish bins to find company documents with password on
Dictionary Attack: A Dictionary file is loaded into a cracking application to find the right password.
Hybrid Attack: By adding numbers and/or symbols to the File name a password could be discovered.
Brute Force Attack: This is a very time consuming and complex process. It can take up to a week to crack the password.
Tools:
LOphtCrack also known as LC4: This tool takes Windows NT/2000 passwords and changes them into plain text. Bu using Alphanumeric combinations it can solve the password.
Protocal Analyzer: Also known as "Network Sniffer"
B. Prevention:
Strict Security Policies should be adhered to. Networks should involve Security Professionals, end users and management representatives to come up with solutions to their security needs.
C. Yes, detailed hacking information is freely available on the net but on the flip side of the coin so is Anti-Hacking information and software with regular free updates also available.
D. Yes, network administrators should monitor Hacker sites to stay one step ahead of them. All this free information could be beneficial for administrators to enable them to update their security solutions.