ACCESS CONTROL IN A LOCAL NETWORK USING THE BASIC CONFIGURATION OF NETWORK DEVICES

The article focused on recommendations for the local network protection from unauthorized access of employees (insider attacks) on the basis of access control, using the basic settings of existing equipment. The use of MAC-based access profiles (MAC-based Access Control) is proposed. The problems of information security at the physical and channel levels, as well as the most common types of attacks are considered. For research purposes, a mockup of a typical local area network was created, including personal computers, ZTE ZXHN H208N modem with support WiFi-access point and the switch DES-1210-52, which connected these devices to the network.

Made contact connection to the twisted-pair with clips on the lines Tx and Rx. Kali Linux, tcpdump, bettercap, Wireshark are using as a tools for penetration testing. The network attacks ARP-spoofing with the basic settings of network equipment is discussed. The results of the attack and passive study of the network model are presented. The attack was repeated after activation and configuration IP-MAC-Port Binding, as well as authentication of users based on IEEE 802.1 X standard (MACBased 802.1 X). The results proved the effectiveness of the chosen protective actions.

1. Global’noe issledovanie utechek konfidencial’noj informacii v 2016 godu [Jelektronnyj resurs]: Analiticheskij centr InfoWatch. 2017. Rezhim dostupa: https://www.infowatch.ru/sites/default/files/report/analytics/russ/InfoWatch_global_report_2014.pdf. – Data dostupa: 10.04.2018.

2. Obzor mirovogo i rossijskogo rynka SIEM-sistem 2017 [Jelektronnyj resurs]: Anastasija Saprykina, obozrevatel’ Anti-Malware.ru. 2017. Rezhim dostupa: https://www.anti-malware.ru/analytics/Market_Analysis/overview-global-and-russian-market-siem#. – Data dostupa: 10.04.2018.

3. Informacionnye tehnologii. Sistemy kabel’nye strukturirovannye. Proektirovanie osnovnyh uzlov sistemy. Obshhie trebovanija: GOST Р ‎53246-2008 – Vved. – 25.12.2008. – Moskva: Standartinform, 2009. – 72 s.

4. Kali Linux Revealed. Mastering the Penetration Testing Distribution [Jelektronnyj resurs]: Raphaël Hertzog, Jim O’Gorman, Mati Aharoni. 2017. Rezhim dostupa: https://kali.training/downloads/Kali-Linux-Revealed-1st-edition.pdf/. – Data dostupa: 10.04.2018.

5. Pjat’ shagov, chtoby postroit’ portativnuju stanciju hakera iz Raspberry Pi i Kali Linux [Jelektronnyj resurs]. – Rezhim dostupa: http://infoweb.org.ua/portativnuyu-stantsiyu-hakera-iz-raspberry-pi-i-kali-linux. – Data dostupa: 10.04.2018.

6. Passivnyj analiz seti [Jelektronnyj resurs]: Stephen Barish. 2008. Rezhim dostupa: https://www.securitylab.ru/analytics/350448.php. – Data dostupa: 10.04.2018.

7. ARP-spoofing v Kali Linux [Jelektronnyj resurs]. – Rezhim dostupa: https://defcon.ru/network-security/3731/. – Data dostupa: 10.04.2018.

8. D-Link DES-3028/DES-3028P/DES-3052/DES-3052P Upravljaemye kommutatory 10/100Мбит/с Fast Ethernet Version I [Jelektronnyj resurs]: Rukovodstvo pol’zovatelja. 2007. Rezhim dostupa: http://ftp.dlink.ru/pub/Switch/DES-30283052/Description/DES-3028_28P_52_52P_Manual_v1_01_RUS.pdf/. – Data dostupa: 10.04.2018.