{"id":18213,"date":"2024-07-04T09:17:00","date_gmt":"2024-07-04T07:17:00","guid":{"rendered":"https:\/\/cirosec.de\/?p=18213"},"modified":"2026-04-17T09:23:35","modified_gmt":"2026-04-17T07:23:35","slug":"inside-the-nac-pi","status":"publish","type":"post","link":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/","title":{"rendered":"Inside the NAC Pi"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"18213\" class=\"elementor elementor-18213\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-46c4abb9 elementor-section-full_width elementor-section-content-middle elementor-section-height-default elementor-section-height-default\" data-id=\"46c4abb9\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-f438b3a\" data-id=\"f438b3a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4b6a5609 elementor-widget elementor-widget-template\" data-id=\"4b6a5609\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"template.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-template\">\n\t\t\t\t\t<header data-elementor-type=\"header\" data-elementor-id=\"6422\" class=\"elementor elementor-6422 elementor-941 elementor-941\" data-elementor-post-type=\"elementor_library\">\n\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3c20b09 elementor-section-full_width elementor-section-content-middle elementor-section-height-default elementor-section-height-default\" data-id=\"3c20b09\" data-element_type=\"section\" data-e-type=\"section\" id=\"header--sticky\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;sticky&quot;:&quot;top&quot;,&quot;sticky_on&quot;:[&quot;desktop&quot;,&quot;tablet_extra&quot;],&quot;sticky_offset&quot;:0,&quot;sticky_effects_offset&quot;:0,&quot;sticky_anchor_link_offset&quot;:0}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-2c6b6ea\" data-id=\"2c6b6ea\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-920f2b0 elementor-widget elementor-widget-theme-site-logo elementor-widget-image\" data-id=\"920f2b0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"theme-site-logo.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/cirosec.de\/en\/\">\n\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"626\" height=\"188\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2023\/08\/Logo_Cirosec_rgb_53x16mm-transparent.png\" class=\"attachment-full size-full wp-image-5868\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2023\/08\/Logo_Cirosec_rgb_53x16mm-transparent.png 626w, https:\/\/cirosec.de\/wp-content\/uploads\/2023\/08\/Logo_Cirosec_rgb_53x16mm-transparent-300x90.png 300w\" sizes=\"(max-width: 626px) 100vw, 626px\" \/>\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-b85d260\" data-id=\"b85d260\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-db0098d elementor-widget__width-auto elementor-hidden-desktop elementor-widget elementor-widget-shortcode\" data-id=\"db0098d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\n<div role=\"navigation\" aria-label=\"Language Switcher\" class=\"wpml-ls-statics-shortcode_actions wpml-ls wpml-ls-legacy-dropdown-click js-wpml-ls-legacy-dropdown-click\">\n\t<ul>\n\n\t\t<li class=\" wpml-ls-item-legacy-dropdown-click\">\n\n\t\t\t<a href=\"#\" hreflang=\"\" lang=\"\" class=\"js-wpml-ls-item-toggle wpml-ls-item-toggle\" aria-expanded=\"false\" aria-controls=\"wpml-ls-submenu-click-default\" aria-haspopup=\"true\" aria-label=\"Language switcher, click to open then tab to navigate\" tabindex=\"0\" role=\"button\" title=\"\">\n\t\t\t\t<\/a>\n\n\t\t\t<ul id=\"wpml-ls-submenu-click-default\" class=\"js-wpml-ls-sub-menu wpml-ls-sub-menu\">\n\t\t\t\t\n\t\t\t\t\t<li class=\"wpml-ls-slot-shortcode_actions wpml-ls-item wpml-ls-item-de wpml-ls-first-item wpml-ls-last-item\">\n\t\t\t\t\t\t<a href=\"https:\/\/cirosec.de\/\" hreflang=\"de\" lang=\"de\" class=\"wpml-ls-link\" aria-label=\"Switch to German\" title=\"Switch to German\">\n\t\t\t\t\t\t\t                                    <img decoding=\"async\"\n            class=\"wpml-ls-flag\"\n            src=\"https:\/\/cirosec.de\/wp-content\/plugins\/sitepress-multilingual-cms\/res\/flags\/de.svg\"\n            alt=\"German\"\n            loading=\"lazy\"\n            width=15\n            height=9\n    \/><\/a>\n\t\t\t\t\t<\/li>\n\n\t\t\t\t\t\t\t<\/ul>\n\n\t\t<\/li>\n\n\t<\/ul>\n<\/div>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-65a0be9 elementor-widget__width-initial elementor-widget-tablet__width-initial elementor-nav-menu--dropdown-mobile elementor-nav-menu--stretch elementor-nav-menu__align-start elementor-widget-mobile__width-auto elementor-hidden-tablet elementor-hidden-mobile elementor-hidden-tablet_extra elementor-hidden-mobile_extra elementor-widget-mobile_extra__width-initial elementor-nav-menu__text-align-aside elementor-nav-menu--toggle elementor-nav-menu--burger elementor-widget elementor-widget-nav-menu\" data-id=\"65a0be9\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;full_width&quot;:&quot;stretch&quot;,&quot;layout&quot;:&quot;horizontal&quot;,&quot;submenu_icon&quot;:{&quot;value&quot;:&quot;&lt;i class=\\&quot;fas fa-caret-down\\&quot; aria-hidden=\\&quot;true\\&quot;&gt;&lt;\\\/i&gt;&quot;,&quot;library&quot;:&quot;fa-solid&quot;},&quot;toggle&quot;:&quot;burger&quot;}\" data-widget_type=\"nav-menu.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<nav aria-label=\"Menu\" class=\"elementor-nav-menu--main elementor-nav-menu__container elementor-nav-menu--layout-horizontal e--pointer-none\">\n\t\t\t\t<ul id=\"menu-1-65a0be9\" class=\"elementor-nav-menu\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-home menu-item-7077\"><a href=\"https:\/\/cirosec.de\/en\/\" class=\"elementor-item\">cirosec<\/a><\/li>\n<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-16136\"><a href=\"#\" class=\"elementor-item elementor-item-anchor\">Services<\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-15941\"><a href=\"https:\/\/cirosec.de\/en\/services\/\" class=\"elementor-sub-item\">Overview<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9131\"><a href=\"https:\/\/cirosec.de\/en\/services\/consulting-concepts-reviews-and-analyses\/\" class=\"elementor-sub-item\">Consulting, Concepts, Reviews and Analyses<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9073\"><a href=\"https:\/\/cirosec.de\/en\/services\/penetration-tests\/\" class=\"elementor-sub-item\">Penetration Tests<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9077\"><a href=\"https:\/\/cirosec.de\/en\/services\/red-team-assessments\/\" class=\"elementor-sub-item\">Red Team Assessments<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9076\"><a href=\"https:\/\/cirosec.de\/en\/services\/incident-response-and-forensics\/\" class=\"elementor-sub-item\">Incident Response and Forensics<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9075\"><a href=\"https:\/\/cirosec.de\/en\/services\/selection-implementation-of-products-and-solutions\/\" class=\"elementor-sub-item\">Implementation of Products and Solutions<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9078\"><a href=\"https:\/\/cirosec.de\/en\/services\/it-security-training-and-awareness\/\" class=\"elementor-sub-item\">Trainings and Awareness<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-16137\"><a href=\"#\" class=\"elementor-item elementor-item-anchor\">Trainings<\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-15940\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/\" class=\"elementor-sub-item\">Overview<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9092\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/malware-and-ransomware-background-detection-protection-and-response\/\" class=\"elementor-sub-item\">Malware and Ransomware \u2013 Background, Detection, Protection and Response<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9095\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/security-in-microsoft-office-365\/\" class=\"elementor-sub-item\">Security in Microsoft Office 365<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9083\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/hacking-and-hardening-of-windows-operating-systems\/\" class=\"elementor-sub-item\">Hacking and Hardening of Windows Operating Systems<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9082\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/hacking-and-hardening-of-windows-infrastructures\/\" class=\"elementor-sub-item\">Hacking and Hardening of Windows Infrastructures<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9084\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/hacking-extreme\/\" class=\"elementor-sub-item\">Hacking Extreme<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9086\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/hacking-extreme-web-applications\/\" class=\"elementor-sub-item\">Hacking Extreme Web Applications<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9080\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/crash-course-it-and-information-security\/\" class=\"elementor-sub-item\">Crash Course IT and Information Security<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-13051\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/nis2-information-security-for-chief-executive-officers\/\" class=\"elementor-sub-item\">NIS 2 Training for Management<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9087\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/incident-handling-response\/\" class=\"elementor-sub-item\">Incident Handling &amp; Response<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-26257\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/training-in-immediate-measures\/\" class=\"elementor-sub-item\">Training in Imm\u00adediate Mea\u00adsures<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-26265\"><a href=\"https:\/\/cirosec.de\/en\/?page_id=26258\" class=\"elementor-sub-item\">Inci\u00addent Res\u00adponse Readi\u00adness Work\u00adshop<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9094\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/security-in-azure-cloud-environments\/\" class=\"elementor-sub-item\">Security in Azure Cloud Environments<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9089\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/iso-27001-lead-implementer\/\" class=\"elementor-sub-item\">ISO 27001 Lead Implementer<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9088\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/iso-27001-lead-auditor\/\" class=\"elementor-sub-item\">ISO 27001 Lead Auditor<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9081\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/forensics-extreme\/\" class=\"elementor-sub-item\">Forensics Extreme<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9093\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/security-in-aws-cloud-environments\/\" class=\"elementor-sub-item\">Security in AWS Cloud Environments<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9091\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/it-security-for-strategists-and-managers\/\" class=\"elementor-sub-item\">IT Security for Strategists and Managers<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9090\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/it-security-for-developers\/\" class=\"elementor-sub-item\">IT Security for Developers<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9085\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/hacking-extreme-buffer-overflows\/\" class=\"elementor-sub-item\">Hacking Extreme Buffer Overflows<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9064\"><a href=\"https:\/\/cirosec.de\/en\/about-us\/\" class=\"elementor-item\">About us<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9160\"><a href=\"https:\/\/cirosec.de\/en\/blog\/\" class=\"elementor-item\">Blog<\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t<div class=\"elementor-menu-toggle\" role=\"button\" tabindex=\"0\" aria-label=\"Menu Toggle\" aria-expanded=\"false\">\n\t\t\t<i aria-hidden=\"true\" role=\"presentation\" class=\"elementor-menu-toggle__icon--open eicon-menu-bar\"><\/i><i aria-hidden=\"true\" role=\"presentation\" class=\"elementor-menu-toggle__icon--close eicon-close\"><\/i>\t\t<\/div>\n\t\t\t\t\t<nav class=\"elementor-nav-menu--dropdown elementor-nav-menu__container\" aria-hidden=\"true\">\n\t\t\t\t<ul id=\"menu-2-65a0be9\" class=\"elementor-nav-menu\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-home menu-item-7077\"><a href=\"https:\/\/cirosec.de\/en\/\" class=\"elementor-item\" tabindex=\"-1\">cirosec<\/a><\/li>\n<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-16136\"><a href=\"#\" class=\"elementor-item elementor-item-anchor\" tabindex=\"-1\">Services<\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-15941\"><a href=\"https:\/\/cirosec.de\/en\/services\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Overview<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9131\"><a href=\"https:\/\/cirosec.de\/en\/services\/consulting-concepts-reviews-and-analyses\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Consulting, Concepts, Reviews and Analyses<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9073\"><a href=\"https:\/\/cirosec.de\/en\/services\/penetration-tests\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Penetration Tests<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9077\"><a href=\"https:\/\/cirosec.de\/en\/services\/red-team-assessments\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Red Team Assessments<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9076\"><a href=\"https:\/\/cirosec.de\/en\/services\/incident-response-and-forensics\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Incident Response and Forensics<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9075\"><a href=\"https:\/\/cirosec.de\/en\/services\/selection-implementation-of-products-and-solutions\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Implementation of Products and Solutions<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9078\"><a href=\"https:\/\/cirosec.de\/en\/services\/it-security-training-and-awareness\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Trainings and Awareness<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-16137\"><a href=\"#\" class=\"elementor-item elementor-item-anchor\" tabindex=\"-1\">Trainings<\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-15940\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Overview<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9092\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/malware-and-ransomware-background-detection-protection-and-response\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Malware and Ransomware \u2013 Background, Detection, Protection and Response<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9095\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/security-in-microsoft-office-365\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Security in Microsoft Office 365<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9083\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/hacking-and-hardening-of-windows-operating-systems\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Hacking and Hardening of Windows Operating Systems<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9082\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/hacking-and-hardening-of-windows-infrastructures\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Hacking and Hardening of Windows Infrastructures<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9084\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/hacking-extreme\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Hacking Extreme<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9086\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/hacking-extreme-web-applications\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Hacking Extreme Web Applications<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9080\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/crash-course-it-and-information-security\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Crash Course IT and Information Security<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-13051\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/nis2-information-security-for-chief-executive-officers\/\" class=\"elementor-sub-item\" tabindex=\"-1\">NIS 2 Training for Management<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9087\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/incident-handling-response\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Incident Handling &amp; Response<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-26257\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/training-in-immediate-measures\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Training in Imm\u00adediate Mea\u00adsures<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-26265\"><a href=\"https:\/\/cirosec.de\/en\/?page_id=26258\" class=\"elementor-sub-item\" tabindex=\"-1\">Inci\u00addent Res\u00adponse Readi\u00adness Work\u00adshop<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9094\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/security-in-azure-cloud-environments\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Security in Azure Cloud Environments<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9089\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/iso-27001-lead-implementer\/\" class=\"elementor-sub-item\" tabindex=\"-1\">ISO 27001 Lead Implementer<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9088\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/iso-27001-lead-auditor\/\" class=\"elementor-sub-item\" tabindex=\"-1\">ISO 27001 Lead Auditor<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9081\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/forensics-extreme\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Forensics Extreme<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9093\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/security-in-aws-cloud-environments\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Security in AWS Cloud Environments<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9091\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/it-security-for-strategists-and-managers\/\" class=\"elementor-sub-item\" tabindex=\"-1\">IT Security for Strategists and Managers<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9090\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/it-security-for-developers\/\" class=\"elementor-sub-item\" tabindex=\"-1\">IT Security for Developers<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9085\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/hacking-extreme-buffer-overflows\/\" class=\"elementor-sub-item\" tabindex=\"-1\">Hacking Extreme Buffer Overflows<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9064\"><a href=\"https:\/\/cirosec.de\/en\/about-us\/\" class=\"elementor-item\" tabindex=\"-1\">About us<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9160\"><a href=\"https:\/\/cirosec.de\/en\/blog\/\" class=\"elementor-item\" tabindex=\"-1\">Blog<\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9ee7d03 elementor-widget-mobile__width-auto elementor-hidden-desktop elementor-widget-tablet_extra__width-auto elementor-widget-tablet__width-auto elementor-widget-mobile_extra__width-auto elementor-view-default elementor-widget elementor-widget-icon\" data-id=\"9ee7d03\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-wrapper\">\n\t\t\t<a class=\"elementor-icon\" href=\"#elementor-action%3Aaction%3Dpopup%3Aopen%26settings%3DeyJpZCI6MTI1MDcsInRvZ2dsZSI6ZmFsc2V9\">\n\t\t\t<i aria-hidden=\"true\" class=\"fas fa-bars\"><\/i>\t\t\t<\/a>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-9aaaa68 elementor-hidden-tablet elementor-hidden-mobile elementor-hidden-tablet_extra elementor-hidden-mobile_extra\" data-id=\"9aaaa68\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-eb812f4 elementor-widget__width-auto elementor-hidden-tablet elementor-hidden-mobile elementor-widget elementor-widget-shortcode\" data-id=\"eb812f4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\n<div role=\"navigation\" aria-label=\"Language Switcher\" class=\"wpml-ls-statics-shortcode_actions wpml-ls wpml-ls-legacy-dropdown-click js-wpml-ls-legacy-dropdown-click\">\n\t<ul>\n\n\t\t<li class=\" wpml-ls-item-legacy-dropdown-click\">\n\n\t\t\t<a href=\"#\" hreflang=\"\" lang=\"\" class=\"js-wpml-ls-item-toggle wpml-ls-item-toggle\" aria-expanded=\"false\" aria-controls=\"wpml-ls-submenu-click-default\" aria-haspopup=\"true\" aria-label=\"Language switcher, click to open then tab to navigate\" tabindex=\"0\" role=\"button\" title=\"\">\n\t\t\t\t<\/a>\n\n\t\t\t<ul id=\"wpml-ls-submenu-click-default\" class=\"js-wpml-ls-sub-menu wpml-ls-sub-menu\">\n\t\t\t\t\n\t\t\t\t\t<li class=\"wpml-ls-slot-shortcode_actions wpml-ls-item wpml-ls-item-de wpml-ls-first-item wpml-ls-last-item\">\n\t\t\t\t\t\t<a href=\"https:\/\/cirosec.de\/\" hreflang=\"de\" lang=\"de\" class=\"wpml-ls-link\" aria-label=\"Switch to German\" title=\"Switch to German\">\n\t\t\t\t\t\t\t                                    <img decoding=\"async\"\n            class=\"wpml-ls-flag\"\n            src=\"https:\/\/cirosec.de\/wp-content\/plugins\/sitepress-multilingual-cms\/res\/flags\/de.svg\"\n            alt=\"German\"\n            loading=\"lazy\"\n            width=15\n            height=9\n    \/><\/a>\n\t\t\t\t\t<\/li>\n\n\t\t\t\t\t\t\t<\/ul>\n\n\t\t<\/li>\n\n\t<\/ul>\n<\/div>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d5c65bb elementor-search-form--skin-minimal elementor-widget__width-auto elementor-hidden-tablet elementor-hidden-mobile elementor-widget elementor-widget-search-form\" data-id=\"d5c65bb\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;skin&quot;:&quot;minimal&quot;}\" data-widget_type=\"search-form.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<search role=\"search\">\n\t\t\t<form class=\"elementor-search-form\" action=\"https:\/\/cirosec.de\/en\/\" method=\"get\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-search-form__container\">\n\t\t\t\t\t<label class=\"elementor-screen-only\" for=\"elementor-search-form-d5c65bb\">Search<\/label>\n\n\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-search-form__icon\">\n\t\t\t\t\t\t\t<i aria-hidden=\"true\" class=\"fas fa-search\"><\/i>\t\t\t\t\t\t\t<span class=\"elementor-screen-only\">Search<\/span>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\n\t\t\t\t\t<input id=\"elementor-search-form-d5c65bb\" placeholder=\"Search...\" class=\"elementor-search-form__input\" type=\"search\" name=\"s\" value=\"\">\n\t\t\t\t\t<input type='hidden' name='lang' value='en' \/>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t<\/form>\n\t\t<\/search>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-071bdb7 elementor-hidden-tablet elementor-hidden-mobile elementor-hidden-tablet_extra elementor-hidden-mobile_extra\" data-id=\"071bdb7\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4d21fed elementor-widget elementor-widget-button\" data-id=\"4d21fed\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"https:\/\/cirosec.de\/en\/inquiry\/\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">Send enquiry<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t<div class=\"elementor-element elementor-element-9865c47 e-flex e-con-boxed e-con e-parent\" data-id=\"9865c47\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-4efe62d elementor-widget elementor-widget-html\" data-id=\"4efe62d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<script>\n\ndocument.addEventListener('DOMContentLoaded', function() {\njQuery(function($) {\nvar mywindow = $(window);\nvar mypos = mywindow.scrollTop();\nlet scrolling = false;\nwindow.addEventListener('scroll', function() {\nscrolling = true;\n});\nsetInterval(() => {\nif (scrolling) {\nscrolling = false;\nif (mypos > 40) {\nif (mywindow.scrollTop() > mypos) {\n$('#header--sticky').addClass('headerup');\n} else {\n$('#header--sticky').removeClass('headerup');\n}\n}\nmypos = mywindow.scrollTop();\n}\n}, 300);\n});\n});\n\n<\/script>\n<style>\n#header--sticky{\ntransition : transform 0.34s ease;\n}\n.headerup{\ntransform: translateY(-110px); \/*adjust this value to the height of your header*\/\n}\n<\/style>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/header>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-37fbca56 elementor-reverse-mobile elementor-section-height-min-height elementor-section-items-stretch elementor-section-boxed elementor-section-height-default\" data-id=\"37fbca56\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t\t<div class=\"elementor-background-overlay\"><\/div>\n\t\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-7978862d\" data-id=\"7978862d\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5f60cbeb elementor-widget elementor-widget-post-info\" data-id=\"5f60cbeb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"post-info.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-inline-items elementor-icon-list-items elementor-post-info\">\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-repeater-item-59da575 elementor-inline-item\" itemprop=\"about\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text elementor-post-info__item elementor-post-info__item--type-terms\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-post-info__terms-list\">\n\t\t\t\t<span class=\"elementor-post-info__terms-list-item\">Red Teaming<\/span>\t\t\t\t<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-61a50ae3 elementor-widget elementor-widget-heading\" data-id=\"61a50ae3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">Inside the NAC Pi<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-10247a90 elementor-widget elementor-widget-spacer\" data-id=\"10247a90\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-72be96b elementor-widget elementor-widget-text-editor\" data-id=\"72be96b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>July 5, 2024<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-2a929f4a elementor-hidden-mobile_extra elementor-hidden-mobile\" data-id=\"2a929f4a\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3f6ab4ce elementor-widget elementor-widget-spacer\" data-id=\"3f6ab4ce\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-13b234da elementor-reverse-mobile elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"13b234da\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-79a633c2\" data-id=\"79a633c2\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-f256 elementor-widget elementor-widget-menu-anchor\" data-id=\"f256\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"section1\"><\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-65c5930 elementor-widget elementor-widget-heading\" data-id=\"65c5930\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-heading-title elementor-size-default\">Inside the NAC Pi: <br>\nThe journey of how we\u2019ve built our own all-in-one device to bypass NAC (including 802.1X)<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-354864a4 elementor-widget elementor-widget-text-editor\" data-id=\"354864a4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Network access control (short: \u201cNAC\u201d) are measures for protecting physical and wireless networks. They act as gatekeepers for clients that want to connect to the network. Without these measures, connecting a device to the network is as easy as plugging it into any Ethernet port and \u2026 you\u2019re in!<\/p><p>MAC filtering simply hardcodes the MAC addresses that are allowed to connect to the network. While this is easy to bypass with MAC spoofing, it still requires an attacker to take extra steps to access the network.<\/p><p>NAC based on 802.1X on the other hand forces the connecting client to authenticate itself cryptographically against a trusted server. The server then decides whether the client is allowed to access the network. This is quite a complex thing so let\u2019s look at how it works first.<\/p><h2>Basics of 802.1X NAC<\/h2><p>One way to implement NAC is by using a protocol called IEEE 802.1X, which is a port-based network access control (PNAC). This means that the boundary is the network switch port (the so-called \u201cauthenticator\u201d) to which the client (the so-called \u201csupplicant\u201d) is directly connected. Packets originating from a client not able to authenticate must not pass this port. The authenticator in turn talks to the so-called \u201cauthentication server\u201d via the RADIUS protocol (or any other AAA protocol), and the server eventually decides whether the supplicant is allowed to enter the network. This is where the actual authentication procedure takes place.<\/p><p>802.1X defines the encapsulation of the Extensible Authentication Protocol (EAP) over wired and 802.11 wireless networks, which is known as \u201cEAP over LAN\u201d, or \u201cEAPOL\u201d for short. This is the protocol used between the supplicant and the authenticator, the latter of which transmits the authentication data of the former. EAPOL is transmitted on OSI layer 2, so the supplicant doesn\u2019t need an IP address to use it. The authenticator then takes the EAP proportion in the EAPOL packet and transmits it to the authentication server via RADIUS.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-66ba777b elementor-widget elementor-widget-text-editor\" data-id=\"66ba777b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>EAP packets being wrapped in EAPOL and RADIUS:<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7752ec7f elementor-widget elementor-widget-image\" data-id=\"7752ec7f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NAC-Pi_1b.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"NAC Pi_1b\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MTgyODQsInVybCI6Imh0dHBzOlwvXC9jaXJvc2VjLmRlXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wN1wvTkFDLVBpXzFiLnBuZyJ9\">\n\t\t\t\t\t\t\t<img decoding=\"async\" width=\"444\" height=\"284\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NAC-Pi_1b.png\" class=\"attachment-large size-large wp-image-18284\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NAC-Pi_1b.png 444w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NAC-Pi_1b-300x192.png 300w\" sizes=\"(max-width: 444px) 100vw, 444px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Figure 1: https:\/\/en.wikipedia.org\/wiki\/IEEE_802.1X#\/media\/File:802.1X_wired_protocols.png<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-5523e8ea\" data-id=\"5523e8ea\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5b4d9f7 elementor-position-top elementor-widget elementor-widget-image-box\" data-id=\"5b4d9f7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><figure class=\"elementor-image-box-img\"><img decoding=\"async\" width=\"2362\" height=\"2362\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Portrait_Leon_Schmidt.png\" class=\"attachment-full size-full wp-image-18338\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Portrait_Leon_Schmidt.png 2362w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Portrait_Leon_Schmidt-300x300.png 300w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Portrait_Leon_Schmidt-1024x1024.png 1024w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Portrait_Leon_Schmidt-150x150.png 150w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Portrait_Leon_Schmidt-768x768.png 768w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Portrait_Leon_Schmidt-1536x1536.png 1536w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Portrait_Leon_Schmidt-2048x2048.png 2048w\" sizes=\"(max-width: 2362px) 100vw, 2362px\" \/><\/figure><div class=\"elementor-image-box-content\"><div class=\"elementor-image-box-title\">Leon Schmidt<\/div><p class=\"elementor-image-box-description\">Consultant<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5609ce8c elementor-widget elementor-widget-heading\" data-id=\"5609ce8c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-heading-title elementor-size-default\">Category<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3c1efd27 elementor-widget elementor-widget-post-info\" data-id=\"3c1efd27\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"post-info.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items elementor-post-info\">\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-repeater-item-59da575\" itemprop=\"about\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text elementor-post-info__item elementor-post-info__item--type-terms\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-post-info__terms-list\">\n\t\t\t\t<span class=\"elementor-post-info__terms-list-item\">Red Teaming<\/span>\t\t\t\t<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-02a1c3a elementor-widget elementor-widget-heading\" data-id=\"02a1c3a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-heading-title elementor-size-default\">Date<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c95e029 elementor-widget elementor-widget-post-info\" data-id=\"c95e029\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"post-info.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items elementor-post-info\">\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-repeater-item-59da575\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text elementor-post-info__item elementor-post-info__item--type-custom\">\n\t\t\t\t\t\t\t\t\t\tJuly 5, 2024\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-75450d7 elementor-widget elementor-widget-heading\" data-id=\"75450d7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-heading-title elementor-size-default\">Navigation<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-46f7645 elementor-widget elementor-widget-table-of-contents\" data-id=\"46f7645\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;headings_by_tags&quot;:[&quot;h2&quot;,&quot;h3&quot;,&quot;h4&quot;],&quot;exclude_headings_by_selector&quot;:[],&quot;marker_view&quot;:&quot;bullets&quot;,&quot;icon&quot;:{&quot;value&quot;:&quot;fas fa-chevron-right&quot;,&quot;library&quot;:&quot;fa-solid&quot;},&quot;no_headings_message&quot;:&quot;No headings were found on this page.&quot;,&quot;hierarchical_view&quot;:&quot;yes&quot;,&quot;min_height&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_tablet_extra&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_tablet&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_mobile_extra&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_mobile&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]}}\" data-widget_type=\"table-of-contents.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div id=\"elementor-toc__46f7645\" class=\"elementor-toc__body\">\n\t\t\t<div class=\"elementor-toc__spinner-container\">\n\t\t\t\t<i class=\"elementor-toc__spinner eicon-animation-spin eicon-loading\" aria-hidden=\"true\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-22bb9c77 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"22bb9c77\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-17d6941a\" data-id=\"17d6941a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-6905ccb9 elementor-widget elementor-widget-menu-anchor\" data-id=\"6905ccb9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"info-event\"><\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2b64382 elementor-widget elementor-widget-text-editor\" data-id=\"2b64382\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>So far so good. We now have an authentication layer in our network, so what\u2019s next? Well \u2026 nothing. 802.1X in its original form only adds authentication to the otherwise unprotected network. There are extensions to it, but all of them are optional and not considered here. See for more information: <span style=\"text-decoration: underline;\"><a href=\"#Mitigations\">&#8220;Possible mitigations scenarios in which the NAC Pi doesn\u2019t work&#8221;<\/a><\/span>.<\/p><h2>Reasons to bypass MAC filtering and 802.1X NAC<\/h2><p>The most obvious reason to bypass network protections for an attacker of any kind is, surprise, surprise, gaining access to the network. An attacker being allowed at the switch port often means that they may obtain a network IP address via DHCP, which allows him to communicate with all devices on his LAN segment and often also beyond it. This opens many doors for attacks like ARP spoofing, packet sniffing, denial of service and so on \u2013 which applies to all reachable devices in the network.<\/p><p>But there is more. An assumption is made especially in 802.1X-secured networks which is not made in unprotected networks: The clients in the network can be trusted, as they have authenticated themselves cryptographically, right? Well yes, but this statement is only true until some adversary bypasses this authentication. This would allow the attacker to spy on and act like a trusted client within the trusted network. Additionally, being physically \u201con the wire\u201d between the supplicant and the authenticator might even allow for advanced techniques like relaying attacks, for example using the tool ntlmrelayx (<a href=\"https:\/\/github.com\/fortra\/impacket\/blob\/master\/examples\/ntlmrelayx.py\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/fortra\/impacket\/blob\/master\/examples\/ntlmrelayx.py<\/a>).<\/p><h2>A little bit of theory and why NAC bypasses are possible<\/h2><p>But how exactly can we bypass the 802.1X NAC authentication process? Breaking it cryptographically is not a reasonable option due to state-of-the-art cryptography being used (at least most of the time). The other option is to bypass it physically by letting the supplicant do its authentication and somehow using the link in its already authenticated state.<\/p><p>There is a tool that does exactly this: Sitting in between a supplicant and an authenticator with the goal to let the supplicant authenticate itself and then injecting traffic into the authenticated link to effectively bypass 802.1X. The tool is called silentbridge and can be found on GitHub (<span style=\"text-decoration: underline;\"><a href=\"https:\/\/github.com\/s0lst1c3\/silentbridge\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/s0lst1c3\/silentbridge<\/a><\/span>). It is meant to be run on a Linux device and creates a transparent Linux network bridge connecting supplicant, authenticator, and a side-channel interface (from where the traffic is injected).<\/p><p>In theory, we then just wait for the supplicant to authenticate itself to the network over the transparent bridge by forwarding the supplicant\u2019s EAPOL frames to the authenticator. For security reasons, this is prevented by default in standard Linux network bridges (actually to prevent exactly attacks like this). In earlier versions of the Linux kernel, it was necessary to apply a kernel patch to reactivate EAPOL forwarding; today this can be done via the virtual sys file system. With the bridge configured to forward EAPOL frames, the attacker only needs to wait for the supplicant to complete the authentication process.<\/p><p>Port-based NAC effectively uses the MAC address to identify the supplicant, meaning that all packets originating from this address are allowed to pass the NAC, which is also true for MAC filtering. The link state is also monitored to enforce reauthentication in the event of a link termination. So, the only thing we need to do now is to use IP- and MAC-based source NAT to rewrite the source address of all packets originating from our silentbridge device or its side-channel interface to match the supplicant. However, port-based NAC is strict enough that even a single packet with the wrong MAC address on an authorized port immediately closes the port again. We must therefore always ensure that packets are only sent once this NATing is fully set up. This is called \u201cstart dark\u201d in silentbridge terminology and has the drawback that once the rogue device is introduced onto the link, the connection is interrupted for some seconds. Consequently, we need to make sure that the supplicant can reauthenticate itself in order to keep the link in an authenticated state.<\/p><p>The cool thing about this is that the actual technical implementation of the authentication process is completely irrelevant for this approach, as we do not intervene in it directly. We simply let the supplicant do its thing. We\u2019ve tested the authentication protocols &#8220;PEAP-MSCHAPv2&#8221; and &#8220;EAP-TLS&#8221; from 802.1X-2004 as well as networks that aren\u2019t using 802.1X at all but might use MAC filtering. This means that this procedure is applicable to both all variants of 802.1X-2004 and MAC filtering. Nice!<\/p><p>All these things and a few more to keep the bridge invisible in the network are done by silentbridge. But we are still missing some vital information: In order to perform the source NAT, silentbridge needs to know which source address to use to overwrite the ones from of the outgoing packets. Consequently, we must determine the IP and MAC address of the supplicant. Silentbridge also sets static ARP entries to reach the switch, on which the authenticator runs, and the networks gateway so our own packets can be routed correctly. This is done manually in order to stay silent in the \u201cstart dark\u201d stage. The authenticator ARP entry is required for EAPOL packets since they must reach the switch directly on layer 2. This means, we also need to acquire the MAC addresses of our authenticator and gateway before starting the actual attack.<\/p><p>Finding these is a simple but time-consuming process if done manually, especially if you think of a red-teaming scenario, where you don\u2019t have all the time in the world to spin up Wireshark first. We need a better approach for this\u2026<\/p><h2>Sticking it all together: Genesis of the NAC Pi<\/h2><p>Ok, so we now have some knowledge of MAC filtering, 802.1x and a tool to bypass them, but we still need the required network information. Now, where do we start? We build a hardware appliance for it!<\/p><p>We have chosen the Raspberry Pi 4 B for this purpose. It\u2019s small, can be powered with USB-C and is more than capable to handle packet bridging. We use USB-Ethernet adapters to add more physical interfaces to the Raspberry Pi. Software-wise, we have developed multiple scripts that instrument silentbridge to perform the 802.1X bypass fully automated by doing the following steps:<\/p><ol><li>Detecting connected devices to confirm that bridging and injection via the side-channel interface is possible.<\/li><li>Creating the transparent bridge with silentbridge without adding the side-channel yet.<\/li><li>Preventing locally generated packets from leaving the NAC Pi (\u201cstart dark\u201d) but leaving the bridging intact.<\/li><li>Running a tcpdump on the bridge to collect the supplicant IP and MAC address as well as the switch and gateway MAC address (this is not as easy as it sounds).<\/li><li>Adding the side-channel to the bridge and applying all iptables and arptables rules required for the source NAT.<\/li><li>\u201cLifting the radio silence\u201d created by the \u201cstart dark\u201d action in step 3.<\/li><\/ol><p>This eventually leads to the fact that we can now inject traffic onto the authenticated link via the side-channel and from the NAC Pi itself by impersonating the authenticated supplicant!<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-36b9df71 elementor-widget elementor-widget-image\" data-id=\"36b9df71\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACP_image2.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"NACP_image2\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MTgzNDAsInVybCI6Imh0dHBzOlwvXC9jaXJvc2VjLmRlXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wN1wvTkFDUF9pbWFnZTIucG5nIn0%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"218\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACP_image2-1024x349.png\" class=\"attachment-large size-large wp-image-18340\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACP_image2-1024x349.png 1024w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACP_image2-300x102.png 300w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACP_image2-768x262.png 768w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACP_image2.png 1334w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Figure 2: The NAC Pi intercepting the secure 802.1X channel (illustration created by cirosec)<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5675c15f elementor-widget elementor-widget-text-editor\" data-id=\"5675c15f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>But we haven\u2019t yet defined what the side-channel is. This is where the NAC Pi shines: This can be literally any device that can be represented as a Linux network interface. Currently, two possible side-channels are supported by our NAC Pi: a physical LAN device (like an attacker notebook) connected directly to it or a device in a OpenVPN tunnel that was created via LTE to allow for remote injection.<\/p><h3>Traffic injection methods: LAN and VPN over LTE<\/h3><p>In LAN mode, the NAC Pi\u2019s side-channel is a physical device connected to one of the USB-Ethernet adapters. This is the simplest way of injecting traffic but requires a dedicated device on site with custom network settings, as the side-channel network is a special subnet only used in LAN mode. For advanced scenarios, up to 13 additional devices can be connected to this subnet, e.g., by using a switch between the NAC Pi and its side-channel devices.<\/p><p>In LTE mode, the side-channel is a tunnel device. It belongs to an OpenVPN connection to one of our servers intended for NAC Pi traffic injection. The connection is established via an LTE modem connected to the NAC Pi. This way, the connection is not dropped by some corporate firewall that prevents outgoing VPN connections. One of our pentesters can now connect to the OpenVPN server from any device within our IP address range, routing all of its traffic to it. The server then routes the incoming traffic from the consultant back into the VPN tunnel established from the NAC Pi. It eventually reaches the tunnel device defined as the silentbridge side-channel.<\/p><p>We also wanted to be able to deploy multiple NAC Pi\u2019s at the same time. Each NAC Pi has been assigned an instance number that determines to which private OpenVPN network it connects. In addition, several OpenVPN configuration files have been created for the consultants, which are also assigned to a specific private network. The OpenVPN server routes the respective packets to the correct NAC Pi using policy-based routing, as can be seen in Figure 3. This way, the consultant can virtually choose the NAC Pi into which he wants to inject traffic remotely. In a large network, for example, several network segments or clients can be infiltrated simultaneously. Furthermore, several consultants can connect to one NAC Pi using the same OpenVPN configuration file to work in parallel, similar to LAN mode.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-537d9e7c elementor-widget elementor-widget-image\" data-id=\"537d9e7c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image3.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"NACPi_image3\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MTgzNDQsInVybCI6Imh0dHBzOlwvXC9jaXJvc2VjLmRlXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wN1wvTkFDUGlfaW1hZ2UzLnBuZyJ9\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"256\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image3-1024x410.png\" class=\"attachment-large size-large wp-image-18344\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image3-1024x410.png 1024w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image3-300x120.png 300w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image3-768x308.png 768w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image3.png 1377w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Figure 3: Policy-based routing on the VPN, allowing multiple NAC Pi instances and consultants to connect (illustration created by cirosec)<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-774d9d00 elementor-widget elementor-widget-text-editor\" data-id=\"774d9d00\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>In both modes, the traffic-injecting side-channel device can target the NAC Pi directly via the subnet\u2019s first available host address. This is required for DNS redirecting (more on this later) and to connect to it via SSH.<\/p><p>The side-channel mode in which the NAC Pi operates is determined at boot time depending on the devices connected to it. It uses udev with a combination of USB port number rules and USB vendor\/product IDs to determine whether an LTE modem and if or how many USB-Ethernet adapters are connected. The latter is required so the NAC Pi operator knows to which USB port it needs to attach the adapters. The same udev rules then create named interfaces from those adapters which are in turn given to silentbridge. The boot script also automatically establishes the VPN connection if an LTE modem is detected.<\/p><p>A little fact in passing: For all networks created by the NAC Pi, we use addresses within the reserved carrier grade NAT subnet 100.64.0.0\/10. But why not use the private IPv4 ranges instead? We observed that using a network like 10.0.0.0\/8 runs the risk of colliding with addresses within the target network. First, we\u2019ve used IPv4 link-local addresses (the ones you get when you don\u2019t have a DHCP server in your network, but your interface is configured to use one), but they had a major drawback: On Linux, those addresses are not routable because, well, they are link-local. This meant that we couldn\u2019t use Linux devices as side-channel devices. So, we switched to the carrier grade NAT subnet. It is used nearly nowhere in networks meant for usual clients while it also has the characteristics of being globally routable (which we do not need in our case, because we only use it for NAT). So, a perfect match for us!<\/p><h3>But wait \u2026 there is more!<\/h3><p>It would be a shame having a hardware appliance that bypasses NACs but does nothing more than this. Over time, our NAC Pi has evolved into a complex network attack framework supplying advanced DNS features to the operator, allowing for easy on-link credential sniffing and even providing an endpoint for Wi-Fi keyloggers. But one thing at a time.<\/p><h4>DNS redirection service<\/h4><p>One problem we had was the fact that the attacker\u2019s device connected to the side-channel interface wasn\u2019t a fully-fledged network participant. The device has not been assigned a network-valid IP address, and no DHCP traffic reaches it, as the client only sees its connection up to the NAC Pi. Everything else is invisible bridging and routing. This means that the attacker is not aware of any of the network\u2019s information, including the internal DNS server. For some scenarios, this is bad: Let\u2019s assume the attacker wants to access an internal web service. Sure, he can just enter the IP address to begin with, but what if the page\u2019s JavaScript loads additional resources or data from let\u2019s say \u201chttps:\/\/company.local\/api\u201d? Translating all calls with the corresponding IP addresses is not a trivial task and takes time. To solve this problem, our NAC Pi has a built-in DNS redirection service: While analyzing the bridge traffic to find out the required addresses for silentbridge, it also tries to find out where most of the DNS requests are sent to \u2013 and assumes that this is the network\u2019s primary DNS server. The NAC Pi then creates iptables rules to redirect all DNS packets destined for it to this server. The attacker can now specify the NAC Pi as his DNS server (whose address is known to him), which will then redirect all DNS traffic to the detected DNS server, allowing the attacker to resolve internal hostnames, as if he would actually know the network\u2019s DNS server. Nice!<\/p><h4>Credential sniffing with BruteShark<\/h4><p>We are physically sitting on a link between an authenticated supplicant and the network. It would be such a wasted potential to not take a quick look at what the supplicant is transmitting into the network. In Windows environments, the domain-joined clients usually transmit Kerberos packets over the wire. We use the CLI version of BruteShark (<span style=\"text-decoration: underline;\"><a href=\"https:\/\/github.com\/odedshimon\/BruteShark\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/odedshimon\/BruteShark<\/a><\/span>) to extract those Kerberos tickets from the bridge, which we can then offline-brute-force with Hashcat. BruteShark is also capable of extracting plaintext credentials from unencrypted protocols like SMTP and IMAP, but also from HTTP URLs, headers, and POST payloads, which can be seen in Figure 4.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2d008589 elementor-widget__width-inherit elementor-widget elementor-widget-image\" data-id=\"2d008589\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image4.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"NACPi_image4\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MTgzNDYsInVybCI6Imh0dHBzOlwvXC9jaXJvc2VjLmRlXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wN1wvTkFDUGlfaW1hZ2U0LnBuZyJ9\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"63\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image4-1024x100.png\" class=\"attachment-large size-large wp-image-18346\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image4-1024x100.png 1024w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image4-300x29.png 300w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image4-768x75.png 768w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image4-1536x150.png 1536w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image4.png 1794w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Figure 4: Using BruteShark to sniff credentials \u2013 it has detected plaintext passwords transmitted via HTTP basic authentication<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-772f9b51 elementor-widget elementor-widget-text-editor\" data-id=\"772f9b51\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>BruteSharkCli is embedded into nacpi-ctl, which we will cover later. This makes launching it as easy as executing \u201cnacpi-ctl sniff-passwords\u201d from the command line.<\/p><h4>Wi-Fi access point for Wi-Fi keyloggers<\/h4><p>In one of our penetration tests, where our NAC Pi was used for the first time, we also wanted to place some hardware keyloggers on some clients. These keyloggers had the ability to stream keystrokes over UDP, acting as Wi-Fi clients. The SSID and credentials for an access point needed to be configured before placing them in front of the target keyboard. We thought \u201chey, it would be nice if we would just bring in our own Wi-Fi network,\u201d because we didn\u2019t have the credentials to connect to the customer network yet. But we already wanted to place some NAC Pis into the network \u2026 which are effectively Raspberry Pis \u2026 which has a Wi-Fi card on-board \u2026 and also a dedicated Internet uplink over LTE. What a coincidence!<\/p><p>So, we used hostapd, a Linux tool to turn Wi-Fi cards into Wi-Fi access points. We set the same SSID and passphrase on all NAC Pis, effectively creating a fake mesh network: Clients connecting to this network simply use the nearest access point. To prevent signal interference, each NAC Pi uses a different Wi-Fi channel calculated via its VPN instance number set at installation. Now we have an access point for all our keyloggers. But we still need a UDP server to which the keyloggers can stream their keystrokes \u2026<\/p><p>We decided to use a centralized server for this instead of collecting the keystrokes on each NAC Pi separately: our VPN gateway. First, the NAC Pi is configured as the UDP target for the keyloggers, because we already know the address (it\u2019s simply the NAC Pi\u2019s address inside the Wi-Fi network). The NAC Pi then takes these UDP packets and redirects them through the VPN tunnel to the VPN gateway. This also makes sure that we do not transfer potentially sensitive credentials unencrypted. On the VPN gateway, there is a small Go application that simply writes all incoming UDP traffic into a file. And this is the file where we will find our keystrokes!<\/p><p>To be able to differentiate from which keylogger the keystrokes are coming, they can identify themselves by setting different port numbers for the target UDP server: Sending packets to port 40001 identifies the keylogger as \u201ckeylogger 1\u201d, 40002 as \u201ckeylogger 2\u201d and so on. The Go application on the VPN server listens on a range of different ports and writes incoming traffic to different files, respectively. The server\u2019s firewall is configured to only allow connections to the UDP endpoint from within the NAC Pi VPN tunnels.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1ee41f0a elementor-widget elementor-widget-image\" data-id=\"1ee41f0a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image5.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"NACPi_image5\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MTgzNDgsInVybCI6Imh0dHBzOlwvXC9jaXJvc2VjLmRlXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wN1wvTkFDUGlfaW1hZ2U1LnBuZyJ9\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"164\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image5-1024x263.png\" class=\"attachment-large size-large wp-image-18348\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image5-1024x263.png 1024w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image5-300x77.png 300w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image5-768x197.png 768w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image5.png 1060w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Figure 5: Looking into the keystroke file from keylogger 1<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3d352281 elementor-widget elementor-widget-text-editor\" data-id=\"3d352281\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Since the Wi-Fi access point uses the LTE uplink, we can also use it to ask our ISP about the remaining data volume, e.g., by connecting a phone to the access point. We also enabled the SSH listener for the Wi-Fi interface to be able to access the NAC Pi even when the side-channel devices cannot be accessed or something else goes wrong.<\/p><h3>Controlling behavior with nacpi-ctl<\/h3><p>That\u2019s a hell of a lot of features. Most of them work with the default configuration \u2013 but keep in mind that this is a hacking tool! Hackers are not exactly known to interact with software and hardware as intended. That\u2019s why we introduced nacpi-ctl \u2013 a command line tool to configure and use specific features of our NAC Pi at runtime.<\/p><p>nacpi-ctl, allows us to investigate its overall status (see Figure 6), to control the mapping of the peripherals, to control the Wi-Fi access point, to check LTE mobile data volume, to supply the attack script with network information if known, to skip the packet sniffing at boot time, or to launch any of the features like the beforementioned credential sniffing. We also added a function to clear information collected during a red teaming reliably, to protect the customer\u2019s privacy when reusing the NAC Pi \u2013 just like a factory reset.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6a4877b2 elementor-widget elementor-widget-image\" data-id=\"6a4877b2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image6.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"NACPi_image6\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MTgzNTAsInVybCI6Imh0dHBzOlwvXC9jaXJvc2VjLmRlXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wN1wvTkFDUGlfaW1hZ2U2LnBuZyJ9\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"342\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image6.png\" class=\"attachment-large size-large wp-image-18350\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image6.png 964w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image6-300x160.png 300w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image6-768x410.png 768w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Figure 6: The nacpi-ctl status command shows detected network information<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-10465ee4 elementor-widget elementor-widget-text-editor\" data-id=\"10465ee4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>nacpi-ctl was built with Python using the Typer library (<span style=\"text-decoration: underline;\"><a href=\"https:\/\/github.com\/tiangolo\/typer\">https:\/\/github.com\/tiangolo\/typer<\/a><\/span>). It\u2019s really \u201cjust\u201d a stateless tool to keep track of udev rules, systemd services and some other configuration files. But it definitely made interaction with the NAC Pi much easier.<\/p><h3>Streamlining the NAC Pi and gateway deployment processes<\/h3><p>To simplify the deployment of our NAC Pi, all changes to the attack script, nacpi-ctl and the configuration files are kept in an internal GitLab repository and are bundled in a single deployment script. Everything you need to do in order to deploy a NAC Pi is to flash Raspbian OS Lite on an SD card, plug it into a Raspberry Pi 4 B, clone the repository on there and run the deployment script. It asks you for the VPN instance number and that\u2019s it! After a reboot the NAC Pi is ready to go.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-42cc6a1c elementor-widget elementor-widget-menu-anchor\" data-id=\"42cc6a1c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"section2\"><\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6ca1ffa elementor-widget elementor-widget-image\" data-id=\"6ca1ffa\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image7.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"NACPi_image7\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MTgzNTIsInVybCI6Imh0dHBzOlwvXC9jaXJvc2VjLmRlXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wN1wvTkFDUGlfaW1hZ2U3LnBuZyJ9\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"360\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image7-1024x576.png\" class=\"attachment-large size-large wp-image-18352\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image7-1024x576.png 1024w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image7-300x169.png 300w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image7-768x432.png 768w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image7-1536x864.png 1536w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/NACPi_image7.png 1920w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Figure 7: Installing a new NAC Pi with deploy.sh<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-47f471e0 elementor-widget elementor-widget-menu-anchor\" data-id=\"47f471e0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"Mitigations\"><\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-57bf0332 elementor-widget elementor-widget-text-editor\" data-id=\"57bf0332\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>To simplify deployment even further, we have been providing pre-build images for each NAC Pi instance in recent versions, which can be flashed directly onto an SD card. The manual execution of the deployment script is therefore also obsolete. We have forked the pi-gen tool (<span style=\"text-decoration: underline;\"><a href=\"https:\/\/github.com\/RPi-Distro\/pi-gen\">https:\/\/github.com\/RPi-Distro\/pi-gen<\/a><\/span>), which is also used to build the official Raspberry Pi images and adapted it so that the deployment script is also executed during the build process. This also makes it easier for us to control and determine which Raspberry Pi OS version the NAC Pi software will ultimately run on.<\/p><p>To manage the OpenVPN server for the NAC Pis in LTE mode, we use Ansible to deploy and maintain it. It also ensures a correct firewall configuration so that NAC Pis are allowed to connect from anywhere, but traffic injection is only possible from within the cirosec IP address ranges. The Ansible script also manages the UDP keylogger endpoints and its firewall rules on the server.<\/p><h2>Possible mitigations scenarios in which the NAC Pi doesn\u2019t work<\/h2><p>Yes, you can protect yourself from this rogue device!<\/p><p>There is an EAPOL extension called IEEE 802.1AE (\u201cMACsec\u201d), which adds confidentiality and integrity to the network security cocktail. This means, we not only need to bypass authentication but encryption and key exchange mechanisms, too. Currently, this is not supported by our NAC Pi appliance. MACsec is used in 802.1X-2010, so any variant of 802.1X higher than the 2004 version is not vulnerable to be attacked with the NAC Pi. The problem, however, is that MACsec is currently not supported by most operating systems including Windows. Although this functionality can be retrofitted to client devices by using tools like Cisco AnyConnect with Network Access Manager (NAM), it is far from being applicable to all network devices, such as printers. They will still have to use fallback mechanisms like 802.1X-2004 to be able to use the network. Therefore, printers will probably remain a good target for us for the time being.<\/p><p>However, even though our NAC Pi currently can\u2019t bypass MACsec, silentbridge itself actually can under certain circumstances: Using a \u201crogue gateway attack\u201d, an attacker can effectively steal EAP credentials by diverting the supplicant\u2019s traffic to a rogue authenticator through mechanical switching at the right time. This requires two physical A\/B splitters, which function like rail switches: They can be programmatically set to either connect to the rogue device (the NAC Pi in this case) or to connect to each other directly, effectively bypassing the NAC Pi. Connecting the splitters with the rogue device allows the latter to temporarily act as the authenticator to steal the EAP credentials transmitted by the supplicant. After setting the splitters to bypass the rogue device again, the stolen credentials are then utilized by the rogue device to perform authentication on its own, without having to rely on the supplicant. This attack can even be improved by using a \u201cbait \u2018n\u2019 switch attack\u201d, where the supplicant is additionally forced to disconnect and reauthenticate itself. While reauthenticating, the credentials can be stolen in a more reliable way. Nevertheless, both variants only work with weak EAP methods, like EAP-MD5, and with the splitters as mentioned \u2013 thus requiring knowledge in electrics assembly and wiring. But maybe this complex attack will also find its way into our NAC Pi one day\u2026<\/p><p>It is also always a good idea to adhere to other security recommendations for networks. Strong network segmentation does not help against NAC attacks, but it does make it much more difficult for an attacker to actually attack systems within the network or obtain valuable information from them. We\u2019ve also seen customers of us using VPN within the company\u2019s network to force clients to authenticate on the application layer, even when in the office. Firewall rules, for example, were then taken from the Active Directory based on the logged-in user and are only valid within the cryptographically secure VPN tunnel, rendering network attacks without having access to a valid user useless. Zero Trust is another such approach, which has a similar claim to isolation and micro segmentation and offers a good second-level protection, too. Networks with such configurations make our work much more difficult (in a good sense): The NAC Pi is still usable, but in most cases, it no longer yields any added value to us.<\/p><p>We also encountered problems in environments where there is simply no wired LAN available and only Wi-Fi was in use. In this case, the connection is already encrypted, and the NAC Pi cannot be deployed as a man-in-the-middle device, besides it not having support for Wi-Fi interfaces at all. Good physical security has also often prevented the placement of the NAC Pi: access restrictions or enforced supervision by an employee for rooms with computers and especially for server rooms are invaluable, especially to prevent network attacks like this. So, keep in mind: The most secure network is one in which nothing is accessible by default.<\/p><p>We currently do not plan to publish our source code for the NAC Pi. The defense line has fallen for every one of our customers, who have been convinced by their NAC solution, where we have deployed the NAC Pi. We do not consider ourselves responsible for passing on such a tool to the public as long as this is the case. We know that there are other public NAC bypassing tools, but we are not aware of any that can cause damage outside the local network boundaries. The addition of the VPN gateway and LTE mode of the NAC Pi makes it far more dangerous than the existing tools we are aware of. The built-in, automatable man-in-the-middle functions, such as the extraction of Kerberos credentials and the ability to transfer observed keystrokes to a central server through the Wi-Fi access point, are also not part of the tools known to us. Through this article, however, we want to draw attention to the fact that tools like this one exist and clarify that you should never be complacent despite a seemingly good NAC solution.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-58de77d4\" data-id=\"58de77d4\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap\">\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-d504290 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"d504290\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-fb4aeef\" data-id=\"fb4aeef\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5f00e8e elementor-widget__width-initial elementor-widget elementor-widget-heading\" data-id=\"5f00e8e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Further blog articles<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-84e6fc4\" data-id=\"84e6fc4\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap\">\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-97ed689 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"97ed689\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-360f035\" data-id=\"360f035\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-db9e14f elementor-grid-3 elementor-grid-tablet-2 elementor-grid-mobile-1 elementor-posts--thumbnail-top elementor-card-shadow-yes elementor-posts__hover-gradient load-more-align-center elementor-widget elementor-widget-posts\" data-id=\"db9e14f\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;pagination_type&quot;:&quot;load_more_on_click&quot;,&quot;cards_columns&quot;:&quot;3&quot;,&quot;cards_columns_tablet&quot;:&quot;2&quot;,&quot;cards_columns_mobile&quot;:&quot;1&quot;,&quot;cards_row_gap&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:35,&quot;sizes&quot;:[]},&quot;cards_row_gap_tablet_extra&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;cards_row_gap_tablet&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;cards_row_gap_mobile_extra&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;cards_row_gap_mobile&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;load_more_spinner&quot;:{&quot;value&quot;:&quot;fas fa-spinner&quot;,&quot;library&quot;:&quot;fa-solid&quot;}}\" data-widget_type=\"posts.cards\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-posts-container elementor-posts elementor-posts--skin-cards elementor-grid\" role=\"list\">\n\t\t\t\t<article class=\"elementor-post elementor-grid-item post-9031 post type-post status-publish format-standard has-post-thumbnail hentry category-blog category-red-teaming category-red-teaming-en tag-loader-dev\" role=\"listitem\">\n\t\t\t<div class=\"elementor-post__card\">\n\t\t\t\t<a class=\"elementor-post__thumbnail__link\" href=\"https:\/\/cirosec.de\/en\/news\/loader-dev-4-amsi-and-etw\/\" tabindex=\"-1\" ><div class=\"elementor-post__thumbnail\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"203\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/web-applikationen-portale-services-300x203.jpg\" class=\"attachment-medium size-medium wp-image-12061\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/web-applikationen-portale-services-300x203.jpg 300w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/web-applikationen-portale-services-1024x692.jpg 1024w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/web-applikationen-portale-services-768x519.jpg 768w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/web-applikationen-portale-services.jpg 1500w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/div><\/a>\n\t\t\t\t<div class=\"elementor-post__badge\">Blog<\/div>\n\t\t\t\t<div class=\"elementor-post__text\">\n\t\t\t\t<h3 class=\"elementor-post__title\">\n\t\t\t<a href=\"https:\/\/cirosec.de\/en\/news\/loader-dev-4-amsi-and-etw\/\" >\n\t\t\t\tLoader Dev. 4 &#8211; AMSI and ETW\t\t\t<\/a>\n\t\t<\/h3>\n\t\t\t\t<div class=\"elementor-post__excerpt\">\n\t\t\t<p>April 30, 2024 &#8211; In the last post, we discussed how we can get rid of any hooks placed into our process by an EDR solution. However, there are also other mechanisms provided by Windows, which could help to detect our payload. Two of these are ETW and AMSI.<br \/>\n<br \/>\nAuthor: Kolja Grassmann<\/p>\n\t\t<\/div>\n\t\t\n\t\t<a class=\"elementor-post__read-more\" href=\"https:\/\/cirosec.de\/en\/news\/loader-dev-4-amsi-and-etw\/\" aria-label=\"Read more about Loader Dev. 4 &#8211; AMSI and ETW\" tabindex=\"-1\" >\n\t\t\tMehr Infos \u00bb\t\t<\/a>\n\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/article>\n\t\t\t\t<article class=\"elementor-post elementor-grid-item post-9032 post type-post status-publish format-standard has-post-thumbnail hentry category-blog-en category-blog category-red-teaming-en category-red-teaming tag-loader-dev\" role=\"listitem\">\n\t\t\t<div class=\"elementor-post__card\">\n\t\t\t\t<a class=\"elementor-post__thumbnail__link\" href=\"https:\/\/cirosec.de\/en\/news\/loader-dev-3-evading-userspace-hooks\/\" tabindex=\"-1\" ><div class=\"elementor-post__thumbnail\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"200\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/beratung-konzepte-reviews-und-analysen-300x200.jpg\" class=\"attachment-medium size-medium wp-image-12075\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/beratung-konzepte-reviews-und-analysen-300x200.jpg 300w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/beratung-konzepte-reviews-und-analysen-1024x683.jpg 1024w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/beratung-konzepte-reviews-und-analysen-768x512.jpg 768w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/beratung-konzepte-reviews-und-analysen.jpg 1500w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/div><\/a>\n\t\t\t\t<div class=\"elementor-post__badge\">Blog<\/div>\n\t\t\t\t<div class=\"elementor-post__text\">\n\t\t\t\t<h3 class=\"elementor-post__title\">\n\t\t\t<a href=\"https:\/\/cirosec.de\/en\/news\/loader-dev-3-evading-userspace-hooks\/\" >\n\t\t\t\tLoader Dev. 3 &#8211; Evading userspace hooks\t\t\t<\/a>\n\t\t<\/h3>\n\t\t\t\t<div class=\"elementor-post__excerpt\">\n\t\t\t<p>April 10, 2024 &#8211; In this post, we will go over techniques to avoid hooks placed into memory by an EDR.<br \/>\n<br \/>\nAuthor: Kolja Grassmann<\/p>\n\t\t<\/div>\n\t\t\n\t\t<a class=\"elementor-post__read-more\" href=\"https:\/\/cirosec.de\/en\/news\/loader-dev-3-evading-userspace-hooks\/\" aria-label=\"Read more about Loader Dev. 3 &#8211; Evading userspace hooks\" tabindex=\"-1\" >\n\t\t\tMehr Infos \u00bb\t\t<\/a>\n\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/article>\n\t\t\t\t<article class=\"elementor-post elementor-grid-item post-9035 post type-post status-publish format-standard has-post-thumbnail hentry category-blog category-red-teaming category-red-teaming-en tag-loader-dev\" role=\"listitem\">\n\t\t\t<div class=\"elementor-post__card\">\n\t\t\t\t<a class=\"elementor-post__thumbnail__link\" href=\"https:\/\/cirosec.de\/en\/news\/loader-dev-2-dynamically-resolving-functions\/\" tabindex=\"-1\" ><div class=\"elementor-post__thumbnail\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"200\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/aktive-directory-sicherheit-300x200.jpg\" class=\"attachment-medium size-medium wp-image-12083\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/aktive-directory-sicherheit-300x200.jpg 300w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/aktive-directory-sicherheit-1024x683.jpg 1024w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/aktive-directory-sicherheit-768x512.jpg 768w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/02\/aktive-directory-sicherheit.jpg 1500w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/div><\/a>\n\t\t\t\t<div class=\"elementor-post__badge\">Blog<\/div>\n\t\t\t\t<div class=\"elementor-post__text\">\n\t\t\t\t<h3 class=\"elementor-post__title\">\n\t\t\t<a href=\"https:\/\/cirosec.de\/en\/news\/loader-dev-2-dynamically-resolving-functions\/\" >\n\t\t\t\tLoader Dev. 2 &#8211; Dynamically resolving functions\t\t\t<\/a>\n\t\t<\/h3>\n\t\t\t\t<div class=\"elementor-post__excerpt\">\n\t\t\t<p>March 10, 2024 &#8211; In this post, we discuss dynamically resolving functions, which help to avoid static detections based on the functions imported by our executable.<br \/>\n<br \/>\nAuthor: Kolja Grassmann<\/p>\n\t\t<\/div>\n\t\t\n\t\t<a class=\"elementor-post__read-more\" href=\"https:\/\/cirosec.de\/en\/news\/loader-dev-2-dynamically-resolving-functions\/\" aria-label=\"Read more about Loader Dev. 2 &#8211; Dynamically resolving functions\" tabindex=\"-1\" >\n\t\t\tMehr Infos \u00bb\t\t<\/a>\n\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/article>\n\t\t\t\t<article class=\"elementor-post elementor-grid-item post-9036 post type-post status-publish format-standard has-post-thumbnail hentry category-blog category-red-teaming category-red-teaming-en tag-loader-dev\" role=\"listitem\">\n\t\t\t<div class=\"elementor-post__card\">\n\t\t\t\t<a class=\"elementor-post__thumbnail__link\" href=\"https:\/\/cirosec.de\/en\/news\/loader-dev-1-basics\/\" tabindex=\"-1\" ><div class=\"elementor-post__thumbnail\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"200\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/adi-goldstein-EUsVwEOsblE-unsplash-300x200.jpg\" class=\"attachment-medium size-medium wp-image-18516\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/adi-goldstein-EUsVwEOsblE-unsplash-300x200.jpg 300w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/adi-goldstein-EUsVwEOsblE-unsplash-1024x683.jpg 1024w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/adi-goldstein-EUsVwEOsblE-unsplash-768x513.jpg 768w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/adi-goldstein-EUsVwEOsblE-unsplash-1536x1025.jpg 1536w, https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/adi-goldstein-EUsVwEOsblE-unsplash-2048x1367.jpg 2048w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/div><\/a>\n\t\t\t\t<div class=\"elementor-post__badge\">Blog<\/div>\n\t\t\t\t<div class=\"elementor-post__text\">\n\t\t\t\t<h3 class=\"elementor-post__title\">\n\t\t\t<a href=\"https:\/\/cirosec.de\/en\/news\/loader-dev-1-basics\/\" >\n\t\t\t\tLoader Dev. 1 &#8211; Basics\t\t\t<\/a>\n\t\t<\/h3>\n\t\t\t\t<div class=\"elementor-post__excerpt\">\n\t\t\t<p>February 10, 2024 &#8211; This is the first post in a series of posts that will cover the development of a loader for evading AV and EDR solutions.<br \/>\n<br \/>\nAuthor: Kolja Grassmann<\/p>\n\t\t<\/div>\n\t\t\n\t\t<a class=\"elementor-post__read-more\" href=\"https:\/\/cirosec.de\/en\/news\/loader-dev-1-basics\/\" aria-label=\"Read more about Loader Dev. 1 &#8211; Basics\" tabindex=\"-1\" >\n\t\t\tMehr Infos \u00bb\t\t<\/a>\n\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/article>\n\t\t\t\t<\/div>\n\t\t\t\t\t<span class=\"e-load-more-spinner\">\n\t\t\t\t<i aria-hidden=\"true\" class=\"fas fa-spinner\"><\/i>\t\t\t<\/span>\n\t\t\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t<div class=\"elementor-element elementor-element-800b5f6 e-con-full e-flex e-con e-parent\" data-id=\"800b5f6\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-2e0b682 elementor-widget elementor-widget-template\" data-id=\"2e0b682\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"template.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-template\">\n\t\t\t\t\t<div data-elementor-type=\"section\" data-elementor-id=\"6023\" class=\"elementor elementor-6023 elementor-2968 elementor-2968\" data-elementor-post-type=\"elementor_library\">\n\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3920b242 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3920b242\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t\t<div class=\"elementor-background-overlay\"><\/div>\n\t\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-61cde52c\" data-id=\"61cde52c\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7eba007 elementor-widget elementor-widget-spacer\" data-id=\"7eba007\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7346d88 elementor-widget elementor-widget-heading\" data-id=\"7346d88\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-heading-title elementor-size-default\">Do you want to protect your systems? Feel free to get in touch with us.<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1b0432b elementor-widget elementor-widget-spacer\" data-id=\"1b0432b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-5cdf3c58 elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"5cdf3c58\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-40c99187\" data-id=\"40c99187\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4a1d7b6a elementor-align-right elementor-widget elementor-widget-button\" data-id=\"4a1d7b6a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"https:\/\/cirosec.de\/en\/inquiry\/\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">Send Enquiry<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-3b9d9ea6\" data-id=\"3b9d9ea6\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7e7c4d9b elementor-widget elementor-widget-button\" data-id=\"7e7c4d9b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"https:\/\/cirosec.de\/en\/contact-us\/\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">Contact Details<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-354bad89 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"354bad89\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7e2b926d\" data-id=\"7e2b926d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-6c781f8f elementor-widget elementor-widget-template\" data-id=\"6c781f8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"template.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-template\">\n\t\t\t\t\t<footer data-elementor-type=\"footer\" data-elementor-id=\"6025\" class=\"elementor elementor-6025 elementor-945 elementor-945\" data-elementor-post-type=\"elementor_library\">\n\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1e44cc2 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"1e44cc2\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e9b41ce\" data-id=\"e9b41ce\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-51c0c74 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"51c0c74\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-25 elementor-inner-column elementor-element elementor-element-8ac5cc6\" data-id=\"8ac5cc6\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-af371ae elementor-widget elementor-widget-theme-site-logo elementor-widget-image\" data-id=\"af371ae\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"theme-site-logo.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/cirosec.de\/en\/\">\n\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"626\" height=\"188\" src=\"https:\/\/cirosec.de\/wp-content\/uploads\/2023\/08\/Logo_Cirosec_rgb_53x16mm-transparent.png\" class=\"attachment-full size-full wp-image-5868\" alt=\"\" srcset=\"https:\/\/cirosec.de\/wp-content\/uploads\/2023\/08\/Logo_Cirosec_rgb_53x16mm-transparent.png 626w, https:\/\/cirosec.de\/wp-content\/uploads\/2023\/08\/Logo_Cirosec_rgb_53x16mm-transparent-300x90.png 300w\" sizes=\"(max-width: 626px) 100vw, 626px\" \/>\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-85f2a11 elementor-widget__width-initial elementor-widget elementor-widget-text-editor\" data-id=\"85f2a11\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Competent IT security consulting, pentests, incident response and training<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5731ee0 elementor-widget__width-initial elementor-widget elementor-widget-text-editor\" data-id=\"5731ee0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>cirosec GmbH<br \/>Ferdinand-Braun-Stra\u00dfe 4<br \/>74074 Heilbronn, Germany<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-25 elementor-inner-column elementor-element elementor-element-c7c447f\" data-id=\"c7c447f\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4826023 elementor-widget elementor-widget-heading\" data-id=\"4826023\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h6 class=\"elementor-heading-title elementor-size-default\">Quicklinks<\/h6>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f26d479 elementor-nav-menu__align-start elementor-nav-menu--dropdown-none elementor-widget elementor-widget-nav-menu\" data-id=\"f26d479\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;layout&quot;:&quot;vertical&quot;,&quot;submenu_icon&quot;:{&quot;value&quot;:&quot;&lt;i class=\\&quot;fas fa-caret-down\\&quot; aria-hidden=\\&quot;true\\&quot;&gt;&lt;\\\/i&gt;&quot;,&quot;library&quot;:&quot;fa-solid&quot;}}\" data-widget_type=\"nav-menu.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<nav aria-label=\"Menu\" class=\"elementor-nav-menu--main elementor-nav-menu__container elementor-nav-menu--layout-vertical e--pointer-none\">\n\t\t\t\t<ul id=\"menu-1-f26d479\" class=\"elementor-nav-menu sm-vertical\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9132\"><a href=\"https:\/\/cirosec.de\/en\/about-us\/\" class=\"elementor-item\">About us<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9133\"><a href=\"https:\/\/cirosec.de\/en\/services\/\" class=\"elementor-item\">Services<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9134\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/\" class=\"elementor-item\">Trainings<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9139\"><a href=\"https:\/\/cirosec.de\/en\/secure-email-communication-with-cirosec\/\" class=\"elementor-item\">Secure Email Communication with cirosec<\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t\t<nav class=\"elementor-nav-menu--dropdown elementor-nav-menu__container\" aria-hidden=\"true\">\n\t\t\t\t<ul id=\"menu-2-f26d479\" class=\"elementor-nav-menu sm-vertical\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9132\"><a href=\"https:\/\/cirosec.de\/en\/about-us\/\" class=\"elementor-item\" tabindex=\"-1\">About us<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9133\"><a href=\"https:\/\/cirosec.de\/en\/services\/\" class=\"elementor-item\" tabindex=\"-1\">Services<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9134\"><a href=\"https:\/\/cirosec.de\/en\/trainings\/\" class=\"elementor-item\" tabindex=\"-1\">Trainings<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9139\"><a href=\"https:\/\/cirosec.de\/en\/secure-email-communication-with-cirosec\/\" class=\"elementor-item\" tabindex=\"-1\">Secure Email Communication with cirosec<\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-25 elementor-inner-column elementor-element elementor-element-29e8304\" data-id=\"29e8304\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-14232af elementor-widget elementor-widget-heading\" data-id=\"14232af\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h6 class=\"elementor-heading-title elementor-size-default\">Social Media<\/h6>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c23ea92 elementor-nav-menu__align-start elementor-nav-menu--dropdown-none elementor-widget elementor-widget-nav-menu\" data-id=\"c23ea92\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;layout&quot;:&quot;vertical&quot;,&quot;submenu_icon&quot;:{&quot;value&quot;:&quot;&lt;i class=\\&quot;fas fa-caret-down\\&quot; aria-hidden=\\&quot;true\\&quot;&gt;&lt;\\\/i&gt;&quot;,&quot;library&quot;:&quot;fa-solid&quot;}}\" data-widget_type=\"nav-menu.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<nav aria-label=\"Menu\" class=\"elementor-nav-menu--main elementor-nav-menu__container elementor-nav-menu--layout-vertical e--pointer-none\">\n\t\t\t\t<ul id=\"menu-1-c23ea92\" class=\"elementor-nav-menu sm-vertical\"><li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-13039\"><a target=\"_blank\" href=\"https:\/\/www.instagram.com\/cirosecgmbh\" class=\"elementor-item\">Instagram<\/a><\/li>\n<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-9136\"><a target=\"_blank\" href=\"https:\/\/www.xing.com\/pages\/cirosecgmbh\" class=\"elementor-item\">Xing<\/a><\/li>\n<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-9137\"><a target=\"_blank\" href=\"https:\/\/www.linkedin.com\/company\/cirosec-gmbh\/\" class=\"elementor-item\">LinkedIn<\/a><\/li>\n<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-9138\"><a target=\"_blank\" href=\"https:\/\/twitter.com\/cirosec\" class=\"elementor-item\">X (Twitter)<\/a><\/li>\n<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-21563\"><a href=\"https:\/\/infosec.exchange\/@cirosec\" class=\"elementor-item\">Mastodon<\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t\t<nav class=\"elementor-nav-menu--dropdown elementor-nav-menu__container\" aria-hidden=\"true\">\n\t\t\t\t<ul id=\"menu-2-c23ea92\" class=\"elementor-nav-menu sm-vertical\"><li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-13039\"><a target=\"_blank\" href=\"https:\/\/www.instagram.com\/cirosecgmbh\" class=\"elementor-item\" tabindex=\"-1\">Instagram<\/a><\/li>\n<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-9136\"><a target=\"_blank\" href=\"https:\/\/www.xing.com\/pages\/cirosecgmbh\" class=\"elementor-item\" tabindex=\"-1\">Xing<\/a><\/li>\n<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-9137\"><a target=\"_blank\" href=\"https:\/\/www.linkedin.com\/company\/cirosec-gmbh\/\" class=\"elementor-item\" tabindex=\"-1\">LinkedIn<\/a><\/li>\n<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-9138\"><a target=\"_blank\" href=\"https:\/\/twitter.com\/cirosec\" class=\"elementor-item\" tabindex=\"-1\">X (Twitter)<\/a><\/li>\n<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-21563\"><a href=\"https:\/\/infosec.exchange\/@cirosec\" class=\"elementor-item\" tabindex=\"-1\">Mastodon<\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-25 elementor-inner-column elementor-element elementor-element-871a164\" data-id=\"871a164\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a46aa52 elementor-widget elementor-widget-heading\" data-id=\"a46aa52\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h6 class=\"elementor-heading-title elementor-size-default\">Legal<\/h6>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-50e6031 elementor-nav-menu__align-start elementor-nav-menu--dropdown-none elementor-widget elementor-widget-nav-menu\" data-id=\"50e6031\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;layout&quot;:&quot;vertical&quot;,&quot;submenu_icon&quot;:{&quot;value&quot;:&quot;&lt;i class=\\&quot;fas fa-caret-down\\&quot; aria-hidden=\\&quot;true\\&quot;&gt;&lt;\\\/i&gt;&quot;,&quot;library&quot;:&quot;fa-solid&quot;}}\" data-widget_type=\"nav-menu.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<nav aria-label=\"Menu\" class=\"elementor-nav-menu--main elementor-nav-menu__container elementor-nav-menu--layout-vertical e--pointer-none\">\n\t\t\t\t<ul id=\"menu-1-50e6031\" class=\"elementor-nav-menu sm-vertical\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9146\"><a href=\"https:\/\/cirosec.de\/en\/imprint\/\" class=\"elementor-item\">Imprint<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9147\"><a href=\"https:\/\/cirosec.de\/en\/privacy-policy\/\" class=\"elementor-item\">Privacy Policy<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9148\"><a href=\"https:\/\/cirosec.de\/en\/cirosec-responsible-disclosure-policy\/\" class=\"elementor-item\">cirosec Responsible Disclosure Policy<\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t\t<nav class=\"elementor-nav-menu--dropdown elementor-nav-menu__container\" aria-hidden=\"true\">\n\t\t\t\t<ul id=\"menu-2-50e6031\" class=\"elementor-nav-menu sm-vertical\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9146\"><a href=\"https:\/\/cirosec.de\/en\/imprint\/\" class=\"elementor-item\" tabindex=\"-1\">Imprint<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9147\"><a href=\"https:\/\/cirosec.de\/en\/privacy-policy\/\" class=\"elementor-item\" tabindex=\"-1\">Privacy Policy<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-9148\"><a href=\"https:\/\/cirosec.de\/en\/cirosec-responsible-disclosure-policy\/\" class=\"elementor-item\" tabindex=\"-1\">cirosec Responsible Disclosure Policy<\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/footer>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t<div class=\"elementor-element elementor-element-32fba35 e-flex e-con-boxed e-con e-parent\" data-id=\"32fba35\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>July 5, 2024 &#8211; The NAC Pi is our all-in-one man-in-the-middle device, which allows us to bypass network access control solutions, including 802.1x. We use it as an effective measure in our Red-Teaming assessments to eavesdrop on and manipulate our customers&#8217; supposedly protected network traffic. With this blog article we would like to go into the theory behind it and take you on the journey of how our device was created.<br \/>\n<br \/>\nAuthor: Leon Schmidt <\/p>\n","protected":false},"author":43,"featured_media":18544,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"elementor_canvas","format":"standard","meta":{"footnotes":""},"categories":[36],"tags":[],"class_list":["post-18213","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-red-teaming-en"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Inside the NAC Pi - cirosec<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Inside the NAC Pi - cirosec\" \/>\n<meta property=\"og:description\" content=\"July 5, 2024 - The NAC Pi is our all-in-one man-in-the-middle device, which allows us to bypass network access control solutions, including 802.1x. We use it as an effective measure in our Red-Teaming assessments to eavesdrop on and manipulate our customers&#039; supposedly protected network traffic. With this blog article we would like to go into the theory behind it and take you on the journey of how our device was created. Author: Leon Schmidt\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/\" \/>\n<meta property=\"og:site_name\" content=\"cirosec\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-04T07:17:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-17T07:23:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Presse_1-scaled.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1461\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"ne@cirosec.de\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ne@cirosec.de\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"28 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/inside-the-nac-pi\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/inside-the-nac-pi\\\/\"},\"author\":{\"name\":\"ne@cirosec.de\",\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/#\\\/schema\\\/person\\\/a502baf6d9f9698b9b9236805b52fe73\"},\"headline\":\"Inside the NAC Pi\",\"datePublished\":\"2024-07-04T07:17:00+00:00\",\"dateModified\":\"2026-04-17T07:23:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/inside-the-nac-pi\\\/\"},\"wordCount\":4621,\"publisher\":{\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/inside-the-nac-pi\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cirosec.de\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/Presse_1-scaled.jpeg\",\"articleSection\":[\"Red Teaming\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/inside-the-nac-pi\\\/\",\"url\":\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/inside-the-nac-pi\\\/\",\"name\":\"Inside the NAC Pi - cirosec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/inside-the-nac-pi\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/inside-the-nac-pi\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cirosec.de\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/Presse_1-scaled.jpeg\",\"datePublished\":\"2024-07-04T07:17:00+00:00\",\"dateModified\":\"2026-04-17T07:23:35+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/inside-the-nac-pi\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/inside-the-nac-pi\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/inside-the-nac-pi\\\/#primaryimage\",\"url\":\"https:\\\/\\\/cirosec.de\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/Presse_1-scaled.jpeg\",\"contentUrl\":\"https:\\\/\\\/cirosec.de\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/Presse_1-scaled.jpeg\",\"width\":2560,\"height\":1461,\"caption\":\"Digital technology, big data, IoT Internet of Things concept. Man using computer devices with Ai technology, futuristic network, metaverse nft abstract backgrounds\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/inside-the-nac-pi\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/cirosec.de\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Inside the NAC Pi\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/cirosec.de\\\/en\\\/\",\"name\":\"cirosec\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/cirosec.de\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/#organization\",\"name\":\"cirosec\",\"url\":\"https:\\\/\\\/cirosec.de\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/cirosec.de\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/Logo_Cirosec_rgb_53x16mm-transparent.png\",\"contentUrl\":\"https:\\\/\\\/cirosec.de\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/Logo_Cirosec_rgb_53x16mm-transparent.png\",\"width\":626,\"height\":188,\"caption\":\"cirosec\"},\"image\":{\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/cirosec.de\\\/en\\\/#\\\/schema\\\/person\\\/a502baf6d9f9698b9b9236805b52fe73\",\"name\":\"ne@cirosec.de\",\"url\":\"https:\\\/\\\/cirosec.de\\\/en\\\/news\\\/author\\\/necirosec-de\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Inside the NAC Pi - cirosec","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/","og_locale":"en_US","og_type":"article","og_title":"Inside the NAC Pi - cirosec","og_description":"July 5, 2024 - The NAC Pi is our all-in-one man-in-the-middle device, which allows us to bypass network access control solutions, including 802.1x. We use it as an effective measure in our Red-Teaming assessments to eavesdrop on and manipulate our customers' supposedly protected network traffic. With this blog article we would like to go into the theory behind it and take you on the journey of how our device was created. Author: Leon Schmidt","og_url":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/","og_site_name":"cirosec","article_published_time":"2024-07-04T07:17:00+00:00","article_modified_time":"2026-04-17T07:23:35+00:00","og_image":[{"width":2560,"height":1461,"url":"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Presse_1-scaled.jpeg","type":"image\/jpeg"}],"author":"ne@cirosec.de","twitter_card":"summary_large_image","twitter_misc":{"Written by":"ne@cirosec.de","Est. reading time":"28 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/#article","isPartOf":{"@id":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/"},"author":{"name":"ne@cirosec.de","@id":"https:\/\/cirosec.de\/en\/#\/schema\/person\/a502baf6d9f9698b9b9236805b52fe73"},"headline":"Inside the NAC Pi","datePublished":"2024-07-04T07:17:00+00:00","dateModified":"2026-04-17T07:23:35+00:00","mainEntityOfPage":{"@id":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/"},"wordCount":4621,"publisher":{"@id":"https:\/\/cirosec.de\/en\/#organization"},"image":{"@id":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/#primaryimage"},"thumbnailUrl":"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Presse_1-scaled.jpeg","articleSection":["Red Teaming"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/","url":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/","name":"Inside the NAC Pi - cirosec","isPartOf":{"@id":"https:\/\/cirosec.de\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/#primaryimage"},"image":{"@id":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/#primaryimage"},"thumbnailUrl":"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Presse_1-scaled.jpeg","datePublished":"2024-07-04T07:17:00+00:00","dateModified":"2026-04-17T07:23:35+00:00","breadcrumb":{"@id":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/#primaryimage","url":"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Presse_1-scaled.jpeg","contentUrl":"https:\/\/cirosec.de\/wp-content\/uploads\/2024\/07\/Presse_1-scaled.jpeg","width":2560,"height":1461,"caption":"Digital technology, big data, IoT Internet of Things concept. Man using computer devices with Ai technology, futuristic network, metaverse nft abstract backgrounds"},{"@type":"BreadcrumbList","@id":"https:\/\/cirosec.de\/en\/news\/inside-the-nac-pi\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/cirosec.de\/"},{"@type":"ListItem","position":2,"name":"Inside the NAC Pi"}]},{"@type":"WebSite","@id":"https:\/\/cirosec.de\/en\/#website","url":"https:\/\/cirosec.de\/en\/","name":"cirosec","description":"","publisher":{"@id":"https:\/\/cirosec.de\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cirosec.de\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/cirosec.de\/en\/#organization","name":"cirosec","url":"https:\/\/cirosec.de\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cirosec.de\/en\/#\/schema\/logo\/image\/","url":"https:\/\/cirosec.de\/wp-content\/uploads\/2023\/08\/Logo_Cirosec_rgb_53x16mm-transparent.png","contentUrl":"https:\/\/cirosec.de\/wp-content\/uploads\/2023\/08\/Logo_Cirosec_rgb_53x16mm-transparent.png","width":626,"height":188,"caption":"cirosec"},"image":{"@id":"https:\/\/cirosec.de\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/cirosec.de\/en\/#\/schema\/person\/a502baf6d9f9698b9b9236805b52fe73","name":"ne@cirosec.de","url":"https:\/\/cirosec.de\/en\/news\/author\/necirosec-de\/"}]}},"_links":{"self":[{"href":"https:\/\/cirosec.de\/en\/wp-json\/wp\/v2\/posts\/18213","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cirosec.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cirosec.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cirosec.de\/en\/wp-json\/wp\/v2\/users\/43"}],"replies":[{"embeddable":true,"href":"https:\/\/cirosec.de\/en\/wp-json\/wp\/v2\/comments?post=18213"}],"version-history":[{"count":9,"href":"https:\/\/cirosec.de\/en\/wp-json\/wp\/v2\/posts\/18213\/revisions"}],"predecessor-version":[{"id":26511,"href":"https:\/\/cirosec.de\/en\/wp-json\/wp\/v2\/posts\/18213\/revisions\/26511"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cirosec.de\/en\/wp-json\/wp\/v2\/media\/18544"}],"wp:attachment":[{"href":"https:\/\/cirosec.de\/en\/wp-json\/wp\/v2\/media?parent=18213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cirosec.de\/en\/wp-json\/wp\/v2\/categories?post=18213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cirosec.de\/en\/wp-json\/wp\/v2\/tags?post=18213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}