IEEE 802.1X

IEEE 802.1X is an IEEE Standard for port-based network access control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.

The standard directly addresses an attack technique called Hardware Addition^[1] where an attacker posing as a guest, customer or staff smuggles a hacking device into the building that they then plug into the network giving them full access. A notable example of the issue occurred in 2005 when a machine attached to Walmart's network hacked thousands of their servers.^[2]

IEEE 802.1X defines the encapsulation of the Extensible Authentication Protocol (EAP) over wired IEEE 802 networks^[3]^: §3.3 and over 802.11 wireless networks,^[3]^: §7.12 which is known as "EAP over LAN" or EAPOL.^[4] EAPOL was originally specified for IEEE 802.3 Ethernet, IEEE 802.5 Token Ring, and FDDI (ANSI X3T9.5/X3T12 and ISO 9314) in 802.1X-2001,^[5] but was extended to suit other IEEE 802 LAN technologies such as IEEE 802.11 wireless in 802.1X-2004.^[6] The EAPOL was also modified for use with IEEE 802.1AE ("MACsec") and IEEE 802.1AR (Secure Device Identity, DevID) in 802.1X-2010^[7]^[8] to support service identification and optional point to point encryption over the internal LAN segment. 802.1X is part of the logical link control (LLC) sublayer of the 802 reference model.^[9]

^ "Hardware Additions, Technique T1200". attack.mitre.org. 2018-04-18. Retrieved 2024-04-10.
^ Zetter, Kim. "Big-Box Breach: The Inside Story of Wal-Mart's Hacker Attack". Wired. ISSN 1059-1028. Retrieved 2024-02-07.
^ ^a ^b B. Aboba; L. Blunk; J. Vollbrecht; J. Carlson (June 2004). H. Levkowetz (ed.). Extensible Authentication Protocol (EAP). Network Working Group. doi:10.17487/RFC3748. RFC 3748. Proposed Standard. Updated by RFC 5247 and 7057. Obsoletes RFC 2284.
^ IEEE 802.1X-2001, § 7
^ IEEE 802.1X-2001, § 7.1 and 7.2
^ IEEE 802.1X-2004, § 7.6.4
^ IEEE 802.1X-2010, page iv
^ IEEE 802.1X-2010, § 5
^ IEEE Standard for Local and Metropolitan Area Networks: Overview and Architecture (Technical report). IEEE. 2014. doi:10.1109/IEEESTD.2014.6847097. 802. 802.1X forms part of the LLC sublayer and provides a secure, connectionless service immediately above the MAC sublayer.

[1] "Hardware Additions, Technique T1200". attack.mitre.org. 2018-04-18. Retrieved 2024-04-10.

[2] Zetter, Kim. "Big-Box Breach: The Inside Story of Wal-Mart's Hacker Attack". Wired. ISSN 1059-1028. Retrieved 2024-02-07.

[rfc3748-3] B. Aboba; L. Blunk; J. Vollbrecht; J. Carlson (June 2004). H. Levkowetz (ed.). Extensible Authentication Protocol (EAP). Network Working Group. doi:10.17487/RFC3748. RFC 3748. Proposed Standard. Updated by RFC 5247 and 7057. Obsoletes RFC 2284.

[4] IEEE 802.1X-2001, § 7

[5] IEEE 802.1X-2001, § 7.1 and 7.2

[6] IEEE 802.1X-2004, § 7.6.4

[802.1X-2010_seciv-7] IEEE 802.1X-2010, page iv

[802.1X-2010_sec5-8] IEEE 802.1X-2010, § 5

[9] IEEE Standard for Local and Metropolitan Area Networks: Overview and Architecture (Technical report). IEEE. 2014. doi:10.1109/IEEESTD.2014.6847097. 802. 802.1X forms part of the LLC sublayer and provides a secure, connectionless service immediately above the MAC sublayer.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

IEEE 802.1X

Our website is made possible by displaying online advertisements to our visitors.
Please consider supporting us by disabling your ad blocker.