Saturday, May 1, 2021

802.1x (EAP-TLS) security

Hello, From my understanding, under dot1x a port is either unauthorized or authorized, even if the authentication process is encrypted e2e - What prevents a MITM from waiting until authentication has succeeded and then injecting packets?

Even under multi auth which I assume works based on MAC because how else would it identify devices, an attacker can still inject packets by putting the source MAC as the authenticated device...

Am I missing something or is this protocol just bad?



No comments:

Post a Comment