Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a question regarding MAC-spoofing in an 802.1X solution. Let's say I have the following deployment:
Authentication server: Cisco ISEAuthenticator: Cisco Catalyst 2960XEAP-method: EAP-TLSSupplicant: Single PC on a wall-outletPeriodic re-authent...
So if I understand you correctly, the above scenario would allow the malicious device to communicate and thus this situation needs to be mitigated by taking extra measures. Preferably both physical and configurable.
Thanks for your help, it's apprec...
I explained in my original post that the legitimate device is removed after it succesfully performs its 802.1X authentication through the added switch/HUB, before adding the malicious device.
The port of the Authenticator switch stays up (since it is...
Thanks for your reply.
The idea behind this scenario is that the Authenticator switch can't tell that the legitimate supplicant has been replaced by the malicious device because it uses the (spoofed) MAC address of the legitimate device that alread...
What about this scenario?
The hacker removes the legitimate supplicant from the switch-interface, identifies its MAC-address, adds a simple switch or HUB to the switch-interface and reconnects the legitimate supplicant. Due tot the disconnect, the 80...
