Bypassing Network Access Control (NAC)
NAC works on a basic form of the 802.1X IEEE standard. The majority of the corporates implement NAC to protect all the network nodes such as switches, routers, firewalls, servers, and more importantly, endpoints.
A decent NAC implies the controls that are put in place to prevent the intrusion by policies and also define who can access what. In this section, we will take a deep dive into different types of NAC that attackers or penetration testers encounter during an RTE or penetration test.
Although there is no specific common criteria or standardization for NAC, it varies from vendor to vendor and the way it is implemented; for example, Cisco provides Cisco Network Admission Control and Microsoft provides Microsoft Network Access Protection. The primary purpose of NAC is to control the devices/elements, which can be connected and then make sure they are compliant. NAC protections can be subdivided into two different categories:
- Preadmission NAC
- Postadmission...
