Bypass Cisco Clean Access & Cisco NAC Appliance

Cisco NAC Appliance (formerly Cisco Clean Access) is a Network Admission Control (NAC) product that is uses to enforce security policy on computers seeking to access network resources. Therefore, an administrator can force users to comply to a policy that requires the user to install or remove programs. For example, a university I previously attended required students to install McAfee Antivirus Software and remove Peer-to-Peer programs before they were allowed to access the internet.

To bypass Cisco Clean Access a user can simply change their browser’s User Agent to an Operating System that does not require this program [ex. Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.7.8) Gecko/20050511]. An easy way to change your User Agent in Firefox is to download User Agent Switcher.

With Cisco NAC Appliance, Cisco added additional detection mechanisms such as TCP fingerprinting and JavaScript OS detection, so the User Agent trick will not work. However, by changing the default parameters of the Windows TCP/IP stack the user can still connect to the network without running any host-based checks. You can do this with Kevin.

Video Demonstration:

Full Scale Video Here
Download Here