【作者】 罗俊翔；

【导师】 鹿凯宁；

【作者基本信息】 天津大学 ， 信号与通信工程， 2008， 硕士

【摘要】 随着以太网技术的飞速发展,其应用也日益广泛。目前,在校园网络中,以太网技术既是使用最广泛的组网技术,也成为用户计算机入网接入技术的首选。出于网络安全的考虑和计费的需要,网络管理者和运营商都明显地感到了对以太网端口进行控制的需求。在这样的背景下,802.1X协议应运而生,从而为以太网环境提供了一种标准的基于端口的访问控制机制和认证手段。网络上原有的认证系统如PPPoE和WEB认证技术,已经越来越不适应宽带发展的认证需求。IEEE 802.1X认证技术有着简洁高效,易于实现,安全可靠,易于经营等优点,因此被广泛地应用于校园网认证中。本论文首先较全面的分析了802.1X协议产生的背景、认证体系结构和通信规范;并将802.1X协议与传统接入认证技术如PPPoE、WEB进行比较,总结出802.1X认证技术的特点与优势,以及该技术的应用前景。针对LINUX对802.1X支持不够的情况,本文设计实现了LINUX平台下的802.1X认证。在此基础上详细分析了客户端软件在基于802.1X的接入认证过程中必不可少的重要作用以及其提供的基本功能。同时,为保证用户接入的合法性,在其传输报文中添加用户信息模块,并对LINUX下真实MAC地址的提取做了尝试。最后,利用Libpcap函数库实现了LINUX下数据抓包,检验了认证过程的正确性。更多还原

【Abstract】 Continuous progress in Ethenet techniques has made it a prominent network technology,not only for building up LANs,MANs,and WANs,but also for accessing these works in compus network. As a result,there is an urgent need for access control in an Ethernet environment,and finally in 2001,the standard of 802.1X was defineded by an IEEE802 working group.IEEE 802.1X is a port based access control protocol,whichprovides a standard mechanism and authorization method for users connected to Ethernet port.The traditional authentication system, such as PPPoE and Web,can’t meet the authentication requirements for campus network development.IEEE 802.1x authentication is high efficient, easy to implement, safe and reliable, so it is widely applied to the authentication of campus network.At first, this thesis analyses something roundly about the standard of 802.1X, such as the background of its appearance,the system architechure and communication protocols adopted by it,summarise the characters,advantages and foreground of 802.1xX protocol while Comparing with PPPoE and Web. ity.Supported the insufficient situation in view of the LINUX client side to 802.1X,this article designs realizes under LINUX to authenticate.Secondly,this thesis point out the importance of 802.1X client software and analyses the functions that 802.1X client software should provide.Thirdly,this thesis provide a method of adding the information of users into the authentication for the purpose of verifying the users,and tried something to get the real MAC.At last,this thesis verifies the process of 802.1X authentication using Libpcap stresses a packet in LINUX.更多还原