
(tommEE pickles) 802.1x Networking


  • (tommEE pickles) 802.1x Networking

    802.1x Networking
    tommEE pickles, Security, Administrator, Moloch Industries

    Abstract:
    tommEE pickles (http://tommEE.net) presents an explanation of 802.1x networking, exploring what 802.1x is and why we would use it. He explains how 802.1x might be used in a corporate environment, wireless or wired, giving an explanation of how you can start an 802.1x network and get your users on it. Hardware and software resources will be discussed, and recommendations for free ways of accomplishing it will be presented. He will talk about the current problems and how to provide possible fixes for problems.

    Bio:
    tommEE pickles has been born, raised, and possibly living in New York City. He co-founded Moloch Industries in 1999. He is known for the 4 Defcon Cannonball Runs and his passion for Streaming Media and TiVo hacking. tommEE has worked for large streaming media providers while giving them solutions for streaming media security. He has also developed wireless networks for several large companies. He is also known for Birthdaycon during CES and AVN weekend.

  • #2
    Re: (tommEE pickles) 802.1x Networking

    Questions came up about VLAN hopping in my talk and I feel I didn't answer them to the best of my ability. I attribute this to the hangover condition that I had, so I will update the information here.

    With wireless networks you can avoid VLAN hopping by having your 802.1X RADIUS server return a list of permissible SSIDs for each authenticated user. For example, when the system administrator authenticates using 802.1X, the Access Accept message can carry attributes that permit him to use either "moogle-employee". But when said contractor tries to use the "moogle-employee" SSID, the Accept message indicates that she is only permitted to use the "employee" SSID. The AP to which the contractor has associated will disconnect the node before she can send any data. This method supports static VLANs with the same authorization granularity but stronger access control.

    With wired access, I am working on supporting 802.1x without VLAN hopping in a wired environment without the need for static trunks, as well as testing the Vernier CS Control Server.
    tommEE pickles
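
The AP-side check described in the post above, as an added example that is not part of the original post or the speaker's own code. The post does not say which RADIUS attribute carries the SSID list; this sketch assumes Vendor-Specific attributes holding `ssid=<name>` strings in the Cisco AV-pair style, assumes the response authenticator was already verified, and treats a missing list as a deny, which is this example's policy choice.

```python
import struct

ACCESS_ACCEPT = 2        # RADIUS packet code (RFC 2865)
VENDOR_SPECIFIC = 26     # RADIUS attribute type (RFC 2865)
ASSUMED_VENDOR_ID = 9    # assumption: Cisco enterprise number
ASSUMED_VENDOR_TYPE = 1  # assumption: AV-pair sub-attribute

def build_vsa(text):
    """Encode one 'ssid=<name>' string as a Vendor-Specific attribute."""
    data = text.encode()
    sub = bytes([ASSUMED_VENDOR_TYPE, len(data) + 2]) + data
    body = struct.pack("!I", ASSUMED_VENDOR_ID) + sub
    return bytes([VENDOR_SPECIFIC, len(body) + 2]) + body

def build_accept(ssids, ident=1):
    """Constructed Access-Accept for testing; authenticator is zeroed sample data."""
    attrs = b"".join(build_vsa("ssid=" + s) for s in ssids)
    header = struct.pack("!BBH16s", ACCESS_ACCEPT, ident, 20 + len(attrs), b"\0" * 16)
    return header + attrs

def allowed_ssids(packet):
    """Return the set of SSIDs an Access-Accept authorizes (empty if none sent)."""
    if len(packet) < 20:
        raise ValueError("short packet")
    code, _ident, length, _auth = struct.unpack("!BBH16s", packet[:20])
    if code != ACCESS_ACCEPT or length < 20 or length > len(packet):
        raise ValueError("not a well-formed Access-Accept")
    found, pos = set(), 20
    while pos + 2 <= length:
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("bad attribute length")
        value = packet[pos + 2:pos + alen]
        if atype == VENDOR_SPECIFIC and len(value) >= 6:
            vendor, vtype, vlen = struct.unpack("!IBB", value[:6])
            text = value[6:4 + vlen].decode("utf-8", "replace")
            if (vendor, vtype) == (ASSUMED_VENDOR_ID, ASSUMED_VENDOR_TYPE) and text.startswith("ssid="):
                found.add(text[5:])
        pos += alen
    return found

def ap_decision(packet, associated_ssid):
    """Fail closed: no SSID list, or SSID not on the list, means disconnect."""
    return "forward" if associated_ssid in allowed_ssids(packet) else "disassociate"

if __name__ == "__main__":
    contractor = build_accept(["employee"])  # constructed sample reply
    print(ap_decision(contractor, "moogle-employee"))
    print(ap_decision(contractor, "employee"))
```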


