| 802.1x系统中客户端软件版本检测方法分析 |
| |
| 引用本文: | 肖幪,王磊,李闻天,张国营. 802.1x系统中客户端软件版本检测方法分析[J]. 昆明理工大学学报(自然科学版), 2007, 32(2): 43-47 |
| |
| 作者姓名: | 肖幪 王磊 李闻天 张国营 |
| |
| 作者单位: | 昆明理工大学,信息与网络中心,云南,昆明,650051;昆明理工大学,信息与网络中心,云南,昆明,650051;昆明理工大学,信息与网络中心,云南,昆明,650051;昆明理工大学,信息与网络中心,云南,昆明,650051 |
| |
| 摘 要: | 在对以太网接入控制中的802.1x技术(特别是华为802.1x技术)进行分析的基础上,针对接入用户使用兼容客户端,去除了标准客户端软件中扩展特性的问题,通过分析标准客户端数据帧,使用WinCap开发兼容类客户端,确认了兼容客户端产生的根源,提出了基于Challenge认证的客户端软件版本检测方法,在每次客户端向设备端请求认证时,通过发送以随机数产生的不同的版本检测帧,切断/非法客户软件重放攻击方式的兼容性实现途径,确认客户端软件的合法性.
|
| 关 键 词: | 802.1x 网络协议 客户端 重放攻击 Challenge认证 |
| 文章编号: | 1007-855X(2007)02-0043-05 |
| 修稿时间: | 2006-06-01 |
Analysis of Detecting 802.1x Supplicant Software Version |
| |
| XIAO Meng,WANG Lei,LI Wen-tian,ZHANG Guo-ying. Analysis of Detecting 802.1x Supplicant Software Version[J]. Journal of Kunming University of Science and Technology(Natural Science Edition), 2007, 32(2): 43-47 |
| |
| Authors: | XIAO Meng WANG Lei LI Wen-tian ZHANG Guo-ying |
| |
| Affiliation: | Information and Network Center Kunming University of Science and Technology, Kunming 650051, China |
| |
| Abstract: | In this paper,by capturing frame between supplicant and authenticator,and developing compatible supplicant using WinCap,Ethernet access control technology,802.1x,especially Huawei 802.1x,is analyzed.Then in order to keep subscriber away from invalid supplicant,a method is proposed for detecting supplicant version.This checking version method is based on challenge authentication,and transmits different checking version frame from an original random number between authenticator and supplicant when authentication has started.It determines the supplicant version by removing the playback attack source data of invalid supplicant. |
| |
| Keywords: | 802.1x network protocol supplicant playback attack challenge authentication |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
