Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
IEEE 802.1X
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{short description|IEEE standard for port-based network access control}} '''IEEE 802.1X''' is an [[IEEE Standard]] for port-based [[network access control]] (PNAC). It is part of the [[IEEE 802.1]] group of networking protocols. It provides an [[authentication]] mechanism to devices wishing to attach to a [[Local area network|LAN]] or [[Wireless LAN|WLAN]]. The standard directly addresses an attack technique called Hardware Addition<ref>{{Cite web |date=2018-04-18 |title=Hardware Additions, Technique T1200 |url=https://attack.mitre.org/techniques/T1200/ |access-date=2024-04-10 |website=attack.mitre.org |language=en-US}}</ref> where an attacker posing as a guest, customer or staff smuggles a hacking device into the building that they then plug into the network giving them full access. A notable example of the issue occurred in 2005 when a machine attached to [[Walmart]]'s network hacked thousands of their servers.<ref>{{Cite magazine |last=Zetter |first=Kim |title=Big-Box Breach: The Inside Story of Wal-Mart's Hacker Attack |url=https://www.wired.com/2009/10/walmart-hack/ |access-date=2024-02-07 |magazine=Wired |language=en-US |issn=1059-1028}}</ref> IEEE 802.1X defines the encapsulation of the [[Extensible Authentication Protocol]] (EAP) over wired [[IEEE 802]] networks{{Ref RFC|3748|rsection=3.3}} and over 802.11 wireless networks,{{Ref RFC|3748|rsection=7.12}} which is known as "EAP over LAN" or EAPOL.<ref>IEEE 802.1X-2001, Β§ 7</ref> EAPOL was originally specified for [[IEEE 802.3]] Ethernet, [[IEEE 802.5]] Token Ring, and [[Fiber Distributed Data Interface|FDDI]] (ANSI X3T9.5/X3T12 and ISO 9314) in 802.1X-2001,<ref>IEEE 802.1X-2001, Β§ 7.1 and 7.2</ref> but was extended to suit other IEEE 802 LAN technologies such as [[IEEE 802.11]] wireless in 802.1X-2004.<ref>IEEE 802.1X-2004, Β§ 7.6.4</ref> The EAPOL was also modified for use with [[IEEE 802.1AE]] ("MACsec") and [[IEEE 802.1#802.1AR|IEEE 802.1AR]] (Secure Device Identity, DevID) in 802.1X-2010<ref name="802.1X-2010_seciv">IEEE 802.1X-2010, page iv</ref><ref name="802.1X-2010_sec5">IEEE 802.1X-2010, Β§ 5</ref> to support service identification and optional point to point encryption over the internal LAN segment. 802.1X is part of the [[logical link control]] (LLC) sublayer of the 802 reference model.<ref>{{cite tech report |institution=[[IEEE]] |doi=10.1109/IEEESTD.2014.6847097 |title=IEEE Standard for Local and Metropolitan Area Networks: Overview and Architecture |number=[[IEEE 802|802]] |year=2014 |quote=802.1X forms part of the LLC sublayer and provides a secure, connectionless service immediately above the MAC sublayer.}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)