802.11 Wireless Attacks  Home ToC Prev Up Next 
802.11
Link layer
MAC header
AUTH frame
DEAUTH frame
+802.1x
802.11i
Attacks
Conclusion
  

802.1x

  • network standard for medium access (does not refer to 802.11 only)

  • Port-based access control, a client is authenticated to an AP using authentication server (RADIUS, TACACS+)

  • At the beginning, clients are authenticated to AP, their communication depends on the authentication to EAP server

  • For achieving a complex security there is inevitable to combine 802.1x with:

  • 1. Dynamic (per-session) WEP keys

  • 2. (Per Packet Keying, TKIP, MIC, Broadcast key rotation) = 802.11i

  • 3. Securing on higher layers (SSH, SSL protocols)
Copyright © 2005 Pavol Lupták, OpenWeekend 2005  Prev Next