Sunday, 10 May 2009

802.1x

What is 802.1x?

"Port-based network access control makes use of the physical access characteristics of IEEE 802 LAN infrastructures in order to provide a means of authenticating and authorizing devices attached to a LAN port that has point-to-point connection characteristics, and of preventing access to that port in cases which the authentication and authorization fails. A port in this context is a single point of attachment to the LAN infrastructure." --- 802.1X-2001, page 1.


Figure 802.1X: A wireless node must be authenticated before it can gain access to other LAN resources

  1. When a new wireless node (WN) requests access to a LAN resource, the access point (AP) asks for the WN's identity. No other traffic than EAP is allowed before the WN is authenticated (the "port" is closed).

    The wireless node that requests authentication is often called Supplicant, although it is more correct to say that the wireless node contains a Supplicant. The Supplicant is responsible for responding to Authenticator data that will establish its credentials. The same goes for the access point; the Authenticator is not the access point. Rather, the access point contains an Authenticator. The Authenticator does not even need to be in the access point; it can be an external component.

    EAP, which is the protocol used for authentication, was originally used for dial-up PPP. The identity was the username, and either PAP or CHAP authentication [RFC1994] was used to check the user's password. Since the identity is sent in the clear (not encrypted), a malicious sniffer may learn the user's identity. "Identity hiding" is therefore used; the real identity is not sent before the encrypted TLS tunnel is up.

  2. After the identity has been sent, the authentication process begins. The protocol used between the Supplicant and the Authenticator is EAP, or, more correctly, EAP encapsulation over LAN (EAPOL). The Authenticator re-encapsulates the EAP messages to RADIUS format, and passes them to the Authentication Server.

    During authentication, the Authenticator just relays packets between the Supplicant and the Authentication Server. When the authentication process finishes, the Authentication Server sends a success message (or failure, if the authentication failed). The Authenticator then opens the "port" for the Supplicant.

  3. After a successful authentication, the Supplicant is granted access to other LAN resources/Internet.
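The closed-port rule from step 1 and the clear-text identity exchange, as an added Python example that is not part of the original HOWTO text. It assumes Ethernet II framing (on 802.11 the same EAPOL payload sits behind an LLC/SNAP header), and the function names, MAC address and identities are constructed for illustration.

```python
import struct

ETHERTYPE_EAPOL = 0x888E  # EAP over LAN (802.1X)
EAPOL_EAP_PACKET = 0      # EAPOL packet type carrying an EAP message
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPE_IDENTITY = 1

def port_allows(frame: bytes, authorized: bool) -> bool:
    """Closed port: only EAPOL passes until the Supplicant is authenticated."""
    if len(frame) < 14:
        return False
    (ethertype,) = struct.unpack("!H", frame[12:14])
    return authorized or ethertype == ETHERTYPE_EAPOL

def parse_eapol(frame: bytes) -> dict:
    """Return the EAPOL/EAP fields visible to anyone who can see the frame."""
    if len(frame) < 18 or frame[12:14] != struct.pack("!H", ETHERTYPE_EAPOL):
        raise ValueError("not an EAPOL frame")
    version, ptype, body_len = struct.unpack("!BBH", frame[14:18])
    body = frame[18:18 + body_len]
    if len(body) != body_len:
        raise ValueError("truncated EAPOL body")
    out = {"eapol_version": version, "eapol_type": ptype}
    if ptype != EAPOL_EAP_PACKET:
        return out
    if body_len < 4:
        raise ValueError("EAP header missing")
    code, eap_id, eap_len = struct.unpack("!BBH", body[:4])
    if not 4 <= eap_len <= body_len:
        raise ValueError("bad EAP length")
    out.update(eap_code=EAP_CODES.get(code, "Unknown"), eap_id=eap_id)
    if code in (1, 2) and eap_len >= 5:  # Request/Response carry a Type octet
        out["eap_type"] = body[4]
        if body[4] == EAP_TYPE_IDENTITY:
            out["identity"] = body[5:eap_len].decode("utf-8", "replace")
    return out

def build_identity_response(identity: str, eap_id: int = 1) -> bytes:
    """Constructed sample frame: EAP-Response/Identity in EAPOL in Ethernet II."""
    data = identity.encode()
    eap = struct.pack("!BBHB", 2, eap_id, 5 + len(data), EAP_TYPE_IDENTITY) + data
    eapol = struct.pack("!BBH", 1, EAPOL_EAP_PACKET, len(eap)) + eap
    dst = bytes.fromhex("0180c2000003")  # PAE group address
    src = bytes.fromhex("020000000001")  # constructed, locally administered MAC
    return dst + src + struct.pack("!H", ETHERTYPE_EAPOL) + eapol

if __name__ == "__main__":
    for name in ("alice@example.org", "anonymous@example.org"):  # constructed
        frame = build_identity_response(name)
        print(port_allows(frame, authorized=False), parse_eapol(frame))
```

Running it on a capture of your own supplicant shows whether the outer identity is the real username or an anonymous placeholder, which is the check that "identity hiding" is actually configured.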



Source: http://tldp.org/HOWTO/html_single/8021X-HOWTO/

Friday, 01 May 2009

MULTICAST TESTING USING SMART WINDOW

Hurray... I am happy today...
Finally I found a way to test Multicast service in an IP network using Smart Window. :)
I found this way by myself!
Well... to understand how to use a Smart Bits application, such as Smart Window, we need to read the directions in the help. Read it carefully, then you will find a light on how to operate Smart Bits for your IP device testing.

I want to tell you the details about this. But not now. I will tell you later. Please be patient. I am planning to write a legal work instruction for multicast testing using Smart Window. I hope this document will be useful for somebody else who will test multicast using Smart Window.