Global ETD Search

11	Untersuchung und Bewertung von Netzzugangssteuerungen auf Basis des Standards 802.1x (Port-Based Network Access Control) Richter, Lars 11 March 2005 (has links) (PDF) In der Arbeit wird der Standard 802.1x (Port-Based Network Access Control) näher betrachtet. Es werden die Funktionsweise und die Eigenschaften dieses Standards aufgezeigt. Weiterhin werden Hardware- und Softwareprodukte für die Nutzung des durch den Standard definierten Authentifizierungsverfahrens vorgestellt und analysiert. Abschließend erfolgt die Betrachtung für den Einsatz an der TU Chemnitz und der damit erfolgten Entwicklung einer Authenticator Komponenten. 802.11 802.11i Supplicant WPA 802.1x Authentication-Server Authenticator EAP EAPOL Funknetzwerk RADIUS ddc:004 Zugangsverfahren Netzwerk
12	Lokal Nätverkssäkerhet - experimentell studie av Microsoft Network Access Protection Petersson, Marcus, Hägg, David, Wiman, Christoffer January 2008 (has links) <p>Den här rapporten beskriver en experimentell studie av Microsoft Network Protection (NAP) och är ämnad för att utvärdera hur mogen tekniken är för att implementeras i en aktiv nätverksmiljö. För att göra studien tog vi hjälp av gymnasieskolan John Bauer i Kalmar. Tester har utförts med DHCP-framtvingning och 802. 1x-framtvingning, dessa är två av NAPs fyra olika framtvingande funktioner. En mindre analys av skolans switchkonfigurationer och interna säkerhet har även gjorts på John Bauers begäran. Testerna har visat att DHCP-framtvingning är en bra och enkel lösning för John Bauers trådade klienter. NAP-funktionen 802. 1x- framtvingning var en större utmaning dock, och blev inte lyckad. Utbudet av information om NAP är än för knapphändig och vi anser därför att inte bara 802.1x framtvingning inte är redo för implementation, utan även framtvingning med DHCP.</p> Network Access Control NAC Network Access Protection NAP 802.1x DHCP EAP Intern säkerhet Computer engineering Datorteknik
13	Evaluation of EAP-methods / Utvärdering av EAP-metode Lorentzen, Peter, Lindh, Johan January 2010 (has links) Network administrators typically employ di erent methods for authenticating and authorizing the access to their networks. A exible and scalable network access method is needed to combat the ever increasing network ubiquity brought on by technological advancements. The IEEE 802.1x Port-Based Network Access is a technology that allows transparent authentication to a network. It uses EAP-methods in order to authenticate against a server. There are a lot of di erent EAP-methods to choose from, and they vary in complexity and security. This report will bring up the di erences between the most commonly used authentication methods regarding the authentication time depending on di erent delay and network load. Results showed that EAP-methods that are less complex take less time to perform authentication than their counterparts. When there is no delay, or a very small delay, this might not matter, but when the delay is higher complex EAP-methods take signi cantly longer time to perform the authentication process. This is very negative considering the nature of transparent authentication, and could lead to users becoming annoyed. A general formula for determining how long time an EAP-authentication process will take is presented. 802.1x authentication EAP-methods RADIUS network Computer Sciences Datavetenskap (datalogi) Telecommunications Telekommunikation
14	Lokal Nätverkssäkerhet - experimentell studie av Microsoft Network Access Protection Petersson, Marcus, Hägg, David, Wiman, Christoffer January 2008 (has links) Den här rapporten beskriver en experimentell studie av Microsoft Network Protection (NAP) och är ämnad för att utvärdera hur mogen tekniken är för att implementeras i en aktiv nätverksmiljö. För att göra studien tog vi hjälp av gymnasieskolan John Bauer i Kalmar. Tester har utförts med DHCP-framtvingning och 802. 1x-framtvingning, dessa är två av NAPs fyra olika framtvingande funktioner. En mindre analys av skolans switchkonfigurationer och interna säkerhet har även gjorts på John Bauers begäran. Testerna har visat att DHCP-framtvingning är en bra och enkel lösning för John Bauers trådade klienter. NAP-funktionen 802. 1x- framtvingning var en större utmaning dock, och blev inte lyckad. Utbudet av information om NAP är än för knapphändig och vi anser därför att inte bara 802.1x framtvingning inte är redo för implementation, utan även framtvingning med DHCP. Network Access Control NAC Network Access Protection NAP 802.1x DHCP EAP Intern säkerhet Computer Engineering Datorteknik
15	Evaluation of EAP Authentication Methods in Wired and Wireless Networks / Utvärdering av EAP-autentisering Metoder i Fasta och Trådlösa Nätverk Kothaluru, Tirumala Rao, Mecca, Mohamed Youshah Shameel January 2012 (has links) In any networking environment, security, connection time and scalability of the network are the major concerns to keep network safe, faster and stable. Administrators working within the networking environment need to have complete account of manageability, scalability and security of the network, so that the organizational data can be kept confidential and maintain integrity. There are different authentication methods used by network administrators for accessing network in wired and wireless environments. As network usage and attacks on network increases, a secure, scalable and standard network protocol is needed for accessing and to keep data safe in both wired and wireless networks. IEEE 802.1x is an IEEE standard used to provide authentication and authorization to the devices over LAN/WLAN. The framework IEEE 802.1x uses EAP for authentication and authorization with a RADIUS server. In this report, an experimental analysis for different EAP authentication methods in both wired and wireless networks in terms of authentication time and the total processing time is presented. Wireshark is used to capture the network traffic on server and client ends. After analyzing each packet timestamps that are captured using Wireshark, it is seen that EAP-MD5 takes less time in both wired and wireless networks, if the number of users increases, there is not much difference in the network connection time. Concerning with security of the network, EAP-MD5 is vulnerable to many attacks so it is not used by many companies. The alternative methods with their strengths and weaknesses are discussed. Authentication EAP Methods IEEE 802.1x RADIUS Computer Sciences Datavetenskap (datalogi) Telecommunications Telekommunikation
16	Návrh síťové infrastruktury pobočkové sítě / Network Infrastructure Design of a Company Branches Částek, Marek January 2020 (has links) This master's thesis focuses on computer network design of multiple Občanům, s.r.o. company branches. The design consists of creating complete implementation documentation according to investor demands, which also includes passive and active network components, and specific security technologies.
17	Zabezpečení bezdrátových sítí IEEE 802.11 / Security of wireless computer networks IEEE 802.11 Škodák, Jaroslav January 2008 (has links) This work describes available and used standards, protocols and mechanisms used to secure IEEE 802.11 wireless networks. In the next section are listed vulnerabilities and possible attacks against different types of security. The principles of individual attacks on authentication, WEP security and WPA/WPA2 personal mode are described and realized using various software especially linux program aircrack-ng. Password for WEP security is obtained by passive eavesdropping data, using ARP replay injection and by creating own frames. The last two methods are used to generate traffic on the network, which is captured and then used to derive the WEP password. By injecting ARP frames, password was found in the number 60 000 captured frames and about 180 000 frames of data was needed for passive method. Decryption of WEP frame was done by fragment and KoreK chopchop attacks. This decrypted frame could be used to create fake frames and obtain WEP password. Brute force attack is realized for security WPA (WPA2) personal mode (often due to lack of strong password) by comparing password (passphrase) from password list. Speed of comparing is about 200 passwords/s.
18	Åtkomst nekad : Autentisering och säkerhetsrutiner för lokala nätverk / Access denied : Authentication and security routines for local area networks WISTRÖM, EDVARD January 2022 (has links) In the field of Cybersecurity, it is essential to know who is connected to your system. The functionality for Authentication of connecting users in the local area network is in the focus for this report. There exist various authentication protocols, however in this report IEEE 802.1X is covered since it is the protocol most suitable for wired local area networks. The IEEE 802.1X protocol is studied in theory with its architecture of Supplicator, Authenticator and Authentication server and the used communication protocols EAPOL and RADIUS. A practical test was then performed as a basic concept to learn more about pros and cons for utilizing these protocols where the fundamentals of protocol communications are observed and later the prerequisites for a larger scale implementation are described. The outcome from the test is proof of the relative difficulties involved with having to keep up with the pace of Cybersecurity evolution. In the test, older equipment where thought to be used, however due to incompatibility of gear and software the test needed to be revised to use other gear. The learning outcome from the test is that it is a complex task to set up authentication, competent staff are needed, as well as suitable equipment. The motivation for setting up IEEE 802.1X is found in larger organizations where the risks of an attack are high, the large number of users calls for centralized systems for the handling of users and network policies. Due to the trend of Bringing you own device, a policy for the handling of unauthorized users and devices is needed to be in place. The default behavior may be to just deny access for unauthorized devices, however with authentication systems implemented the unauthorized user may instead benefit from being automatically referred to a guest network in a secured manner and the authorized user gains flexibility to access the network thru any available network port. For the improvement and maintenance of Cybersecurity administration an Information Security Management System is found useful, the organization can thereby continuously improve their work and document the system features and routines. In case of a security breach that system gives support for immediate action upon the problem, and even stronger preparation for the Cyber defense in the form of good backup routines and monitoring the normal state activities where all devices are either authorized or unauthorized and placed into their proper network according to network policies. / <p>Examensarbete för högskoleingenjörsexamen i nätverksteknik</p> Authentication IEEE 802.1X EAPOL RADIUS ISMS Embedded Systems Inbäddad systemteknik Computer Systems Datorsystem
19	Adding bandwidth specification to a AAA Sever Zhou, Jia January 2008 (has links) Authentication, authorization, and accounting (AAA) are key elements in network security. In many networks, clients can use resources only after they have been authenticated by an authentication server and authorized to use these resources. In some cases the server will also maintain accounting records in order for an operator (a provider of resources) to charge the account/subscriber for using the service. There are four main AAA protocols being used today. Of these RADIUS is the mostly widely used. This thesis starts with an introduction to AAA protocols, and then goes in the details of RADIUS. In order to perform a practical evaluation of how the AAA could be improved, FreeRADIUS was selected as the base code for this project; because this implementation is one of the most widely used RADIUS servers. A proposal for how to improve AAA performance is introduced and the implementation steps needed to realize these improvements are shown. Additionally, some experiments have been conducted to show both the correct functioning of the resulting implementation and to examine if there is a performance improvement. Following this some conclusions are drawn based upon a comparison with a traditional AAA server. A key element of the change in AAA which is proposed is the use of a non-binary IEEE 802.1x process. This new non-binary solution introduces a new type of AAA server and requires the re-thinking of a number of traditional AAA design decisions. It is expected that this change will have a significant impact, but will require some time for exposure, implementation by others, and a more extensive evaluation that was possible during the period of this thesis project. One of the most important conclusions drawn during this thesis is the difficulty of making a change in authentication and authorization, because of the large amount of interaction between both the various protocols and the standards which have been developed for these protocols. Thus one of the difficult aspects of the task is how to introduce a change in a protocol while maintaining backward compatibility for others who have not adopted this change -- without requiring the addition of a protocol version field. A second important conclusion is that doing this implementation in three separate parts with different students being responsible for the different parts revealed just how complex the interaction of protocol design decisions are. While a working version of the entire set of changes proved to be impossible, it was observed that the different parts could be decoupled more than initially expected. AAA RADIUS FreeRADIUS authentication non-binary authentication IEEE 802.1x Communication Systems Kommunikationssystem
20	Wireless-LAN im Studentennetzwerk (CSN) Glöckner, Alexander 02 April 2006 (has links) (PDF) Inhalt der Diplomarbeit sind Untersuchungen zur Authentifizierung und Verschlüsselung von drahtlosen Netzwerkverbindungen. 802.1X AAA AES-CCMP DIAMETER EAP TKIP VPN WPA2 ddc:004 Netzwerk RADIUS <Informatik> Virtuelles privates Netzwerk

Search results