You don't need a username or password!! The legitimate device
attached to the hub keeps the switch port open.
On Sat, 25 Mar 2006 17:48:45 +0100 Eagle Fire
<tlecuauhtli@googlemail.com> wrote:
I guess the cleaner has a username and a password to authenticate
its router to the node with 802.1x. If it thats the case, any bad
use
of the network with this username would be log. As a network admin
you
can even disconect the node. If you have the key, you can open the
door. What we are trying to protect with 802.1X is the access
without
the key.
If the cleaner does not have a username and password, sorry,
you do
not have access to the network even with your router.
-tlecu
Terrible analogy (but aren't they always?). Let's try again. I'm
a cleaner in an office. Rather than the $10 hub I splash out and
buy a $30 wireless hub and router. One evening, I unplug a network
printer and attach my router to the network and the printer to the
router.
Stick it under a table or behind a filing cabinet and in most
offices no one will have a clue that it is there. The whole street
now has access to your network and 802.1x won't help you one bit.
How does that fit your analogy?
Concerned about your privacy? Instantly send FREE secure email, no account
required
http://www.hushmail.com/send?l=480
Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
