Hello, From my understanding, under dot1x a port is either unauthorized or authorized, even if the authentication process is encrypted e2e - What prevents a MITM from waiting until authentication has succeeded and then injecting packets?
Even under multi auth which I assume works based on MAC because how else would it identify devices, an attacker can still inject packets by putting the source MAC as the authenticated device...
Am I missing something or is this protocol just bad?
No comments:
Post a Comment