ACCESS CONTROL IN A LOCAL NETWORK USING THE BASIC CONFIGURATION OF NETWORK DEVICES
The article focused on recommendations for the local network protection from unauthorized access of employees (insider attacks) on the basis of access control, using the basic settings of existing equipment. The use of MAC-based access profiles (MAC-based Access Control) is proposed. The problems of...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Belarusian National Technical University
2018-10-01
|
| Series: | Системный анализ и прикладная информатика |
| Subjects: | |
| Online Access: | https://sapi.bntu.by/jour/article/view/225 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832543651294609408 |
|---|---|
| author | S. N. Petrov D. V. Ahramenko S. M Goroshko T. A. Pulko |
| author_facet | S. N. Petrov D. V. Ahramenko S. M Goroshko T. A. Pulko |
| author_sort | S. N. Petrov |
| collection | DOAJ |
| description | The article focused on recommendations for the local network protection from unauthorized access of employees (insider attacks) on the basis of access control, using the basic settings of existing equipment. The use of MAC-based access profiles (MAC-based Access Control) is proposed. The problems of information security at the physical and channel levels, as well as the most common types of attacks are considered. For research purposes, a mockup of a typical local area network was created, including personal computers, ZTE ZXHN H208N modem with support WiFi-access point and the switch DES-1210-52, which connected these devices to the network.Made contact connection to the twisted-pair with clips on the lines Tx and Rx. Kali Linux, tcpdump, bettercap, Wireshark are using as a tools for penetration testing. The network attacks ARP-spoofing with the basic settings of network equipment is discussed. The results of the attack and passive study of the network model are presented. The attack was repeated after activation and configuration IP-MAC-Port Binding, as well as authentication of users based on IEEE 802.1 X standard (MACBased 802.1 X). The results proved the effectiveness of the chosen protective actions. |
| format | Article |
| id | doaj-art-91977e8ecb024e7f92cbdfaf6bd0aa7a |
| institution | Kabale University |
| issn | 2309-4923 2414-0481 |
| language | English |
| publishDate | 2018-10-01 |
| publisher | Belarusian National Technical University |
| record_format | Article |
| series | Системный анализ и прикладная информатика |
| spelling | doaj-art-91977e8ecb024e7f92cbdfaf6bd0aa7a2025-02-03T11:37:41ZengBelarusian National Technical UniversityСистемный анализ и прикладная информатика2309-49232414-04812018-10-0103556110.21122/2309-4923-2018-3-55-61172ACCESS CONTROL IN A LOCAL NETWORK USING THE BASIC CONFIGURATION OF NETWORK DEVICESS. N. Petrov0D. V. Ahramenko1S. M Goroshko2T. A. Pulko3Belarusian State University of Informatics and RadioelectronicsBelarusian State University of Informatics and RadioelectronicsBelarusian State University of Informatics and RadioelectronicsBelarusian State University of Informatics and RadioelectronicsThe article focused on recommendations for the local network protection from unauthorized access of employees (insider attacks) on the basis of access control, using the basic settings of existing equipment. The use of MAC-based access profiles (MAC-based Access Control) is proposed. The problems of information security at the physical and channel levels, as well as the most common types of attacks are considered. For research purposes, a mockup of a typical local area network was created, including personal computers, ZTE ZXHN H208N modem with support WiFi-access point and the switch DES-1210-52, which connected these devices to the network.Made contact connection to the twisted-pair with clips on the lines Tx and Rx. Kali Linux, tcpdump, bettercap, Wireshark are using as a tools for penetration testing. The network attacks ARP-spoofing with the basic settings of network equipment is discussed. The results of the attack and passive study of the network model are presented. The attack was repeated after activation and configuration IP-MAC-Port Binding, as well as authentication of users based on IEEE 802.1 X standard (MACBased 802.1 X). The results proved the effectiveness of the chosen protective actions.https://sapi.bntu.by/jour/article/view/225information securitypenetration testingnetwork traffic analysisinsider attacksaccess control, arpspoofing |
| spellingShingle | S. N. Petrov D. V. Ahramenko S. M Goroshko T. A. Pulko ACCESS CONTROL IN A LOCAL NETWORK USING THE BASIC CONFIGURATION OF NETWORK DEVICES Системный анализ и прикладная информатика information security penetration testing network traffic analysis insider attacks access control, arpspoofing |
| title | ACCESS CONTROL IN A LOCAL NETWORK USING THE BASIC CONFIGURATION OF NETWORK DEVICES |
| title_full | ACCESS CONTROL IN A LOCAL NETWORK USING THE BASIC CONFIGURATION OF NETWORK DEVICES |
| title_fullStr | ACCESS CONTROL IN A LOCAL NETWORK USING THE BASIC CONFIGURATION OF NETWORK DEVICES |
| title_full_unstemmed | ACCESS CONTROL IN A LOCAL NETWORK USING THE BASIC CONFIGURATION OF NETWORK DEVICES |
| title_short | ACCESS CONTROL IN A LOCAL NETWORK USING THE BASIC CONFIGURATION OF NETWORK DEVICES |
| title_sort | access control in a local network using the basic configuration of network devices |
| topic | information security penetration testing network traffic analysis insider attacks access control, arpspoofing |
| url | https://sapi.bntu.by/jour/article/view/225 |
| work_keys_str_mv | AT snpetrov accesscontrolinalocalnetworkusingthebasicconfigurationofnetworkdevices AT dvahramenko accesscontrolinalocalnetworkusingthebasicconfigurationofnetworkdevices AT smgoroshko accesscontrolinalocalnetworkusingthebasicconfigurationofnetworkdevices AT tapulko accesscontrolinalocalnetworkusingthebasicconfigurationofnetworkdevices |