Faking Network Admission Control Agents - Is possible?

Discussion in 'Cisco' started by orazon, Dec 13, 2004.

  1. orazon

    orazon Guest

    I read a lot about Cisco`s NAC and I really wonder about something.
    The architecture is based on the fact that the equipment will query
    some kind of agent installed on the desktops.
    Let`s say that I`m the new worm developer - wouldn`t I disable this
    client and impresonate it ?
    When I will be queried - I will send that everything is up to date on
    the PC (although that I shut down the antivirus...).
    The only thing I need to do is just to do some reverse-engineering and
    understand Cisco`s NAC protocol.

    What do you say?
    orazon, Dec 13, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.