Bypassing Wired Port Security
Vishnu V.1, Praveen K.2
1Vishnu V.*, TIFAC-CORE, Cyber Security, Amrita School of Engineering, Amrita Vishwa Vidyapeetham University, Coimbatore, India.
2Praveen K., TIFAC-CORE, Cyber Security, Amrita School of Engineering, Amrita Vishwa Vidyapeetham University, Coimbatore, India.
Manuscript received on March 12, 2020. | Revised Manuscript received on March 25, 2020. | Manuscript published on March 30, 2020. | PP: 3293-3297 | Volume-8 Issue-6, March 2020. | Retrieval Number: F8548038620/2020©BEIESP | DOI: 10.35940/ijrte.F8548.038620
Open Access | Ethics and Policies | Cite | Mendeley
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: 802.1x is a part of the IEEE 802.1 group of Networking Protocols. It is mainly used to implement Port-based Network Access Control (PNAC) by providing an authenticating mechanism to connect to LAN or WAN. Existing attacks on the 802.1x are mainly focused on the older version of the protocol which does not provide encryption or enable authentication on a packet-by-packet basis. Later versions of the protocol includes MACsec to provide a two layer encryption to maintain the data integrity of the network packets. It also included support for devices like printers and VOiP phones which led to an easy attack vector. An attacker could easily spoof the MAC address to get into the corporate network. In this paper we go through the 802.1x protocol, the authentication mechanism of the protocol, the existing attacks on the protocol and a new attack to bypass Network Access Control enforced by the 802.1x. The proposed attack is an improvement on the NACKered script which was built upon the Alva Lease’s Duckwall IV. We have added a couple of modules to run the responder script as well as an awareness script to keep it persistent. We end the paper by listing out the best practices that must be followed when setting up a corporate network with Network Access Control with 802.1x.
Keywords: 802.1 xs, EAP, Network Access Control, Port Security, RADIUS
Scope of the Article: Software & System Security.