С. Н. Петров, Д. В. Ахраменко, С. М. Горошко, Т. А. Пулко
{"title":"РАЗГРАНИЧЕНИЕ ДОСТУПА В ЛОКАЛЬНОЙ СЕТИ С ИСПОЛЬЗОВАНИЕМ БАЗОВЫХ НАСТРОЕК СЕТЕВОГО ОБОРУДОВАНИЯ","authors":"С. Н. Петров, Д. В. Ахраменко, С. М. Горошко, Т. А. Пулко","doi":"10.21122/2309-4923-2018-3-55-61","DOIUrl":null,"url":null,"abstract":"The article focused on recommendations for the local network protection from unauthorized access of employees (insider attacks) on the basis of access control, using the basic settings of existing equipment. The use of MAC-based access profiles (MAC-based Access Control) is proposed. The problems of information security at the physical and channel levels, as well as the most common types of attacks are considered. For research purposes, a mockup of a typical local area network was created, including personal computers, ZTE ZXHN H208N modem with support WiFi-access point and the switch DES-1210-52, which connected these devices to the network. Made contact connection to the twisted-pair with clips on the lines Tx and Rx. Kali Linux, tcpdump, bettercap, Wireshark are using as a tools for penetration testing. The network attacks ARP-spoofing with the basic settings of network equipment is discussed. The results of the attack and passive study of the network model are presented. The attack was repeated after activation and configuration IP-MAC-Port Binding, as well as authentication of users based on IEEE 802.1 X standard (MACBased 802.1 X). The results proved the effectiveness of the chosen protective actions.","PeriodicalId":30907,"journal":{"name":"Sistemnyj Analiz i Prikladnaa Informatika","volume":"1 1","pages":"55-61"},"PeriodicalIF":0.0000,"publicationDate":"2018-10-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Sistemnyj Analiz i Prikladnaa Informatika","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21122/2309-4923-2018-3-55-61","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
The article focused on recommendations for the local network protection from unauthorized access of employees (insider attacks) on the basis of access control, using the basic settings of existing equipment. The use of MAC-based access profiles (MAC-based Access Control) is proposed. The problems of information security at the physical and channel levels, as well as the most common types of attacks are considered. For research purposes, a mockup of a typical local area network was created, including personal computers, ZTE ZXHN H208N modem with support WiFi-access point and the switch DES-1210-52, which connected these devices to the network. Made contact connection to the twisted-pair with clips on the lines Tx and Rx. Kali Linux, tcpdump, bettercap, Wireshark are using as a tools for penetration testing. The network attacks ARP-spoofing with the basic settings of network equipment is discussed. The results of the attack and passive study of the network model are presented. The attack was repeated after activation and configuration IP-MAC-Port Binding, as well as authentication of users based on IEEE 802.1 X standard (MACBased 802.1 X). The results proved the effectiveness of the chosen protective actions.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
