


Suppose we have a switch with 3 PCs: PC A, PC B and PC C. In a normal situation, when PC A sends a packet to PC B, PC C does not see the packets sent between PC A and PC B. This is because the 3 PCs are connected to a switch and NOT to a hub. Under a MAC flooding attack, the switch behaviour is different. During the MAC flooding attack, the attacker (in this instance PC C) floods the switch with packets, each with a different source MAC address.

In a typical MAC flooding attack, a switch is flooded with packets, each containing different source MAC addresses. The intention is to consume the limited memory set aside in the switch to store the MAC address-to-physical port translation table. This attack causes the switch to enter a state called failopen mode, in which all incoming packets are broadcast out on all ports (as with a hub), instead of just down the correct port as per normal operation. A malicious user could then use a packet sniffer running in promiscuous mode to capture sensitive data from other computers, which would not be accessible were the switch operating normally.

Cisco gives you an opportunity to set up protection against this attack by limiting and/or hardwiring some MAC addresses to a dedicated port.

Sticky MAC addresses are a feature of port security. Sticky MAC addresses limit switch port access to a specific MAC address that can be dynamically learned, as opposed to a network administrator manually associating a MAC address with a specific switch port. These addresses are stored in the running configuration file. If this file is saved, the sticky MAC addresses do not have to be relearned when the switch is rebooted, and thus provide a high level of switch port security.

Switch(config)#interface fastethernet 0/5
Switch(config-if)# switchport port-security mac-address sticky
Converts all dynamic port security learned MAC addresses to sticky secure MAC addresses.
Switch(config-if)# switchport port-security mac-address sticky vlan 10 voice
Converts all dynamic port security learned MAC addresses to sticky secure MAC addresses on voice VLAN 10.
The voice keyword is available only if a voice VLAN is first configured on a port and if that port is not the access VLAN.
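The fail-open behaviour and the effect of a per-port address limit, shown as an added example that is not from the original page. It is a toy Python model of the MAC table: the port numbers, the table size of 8 and every MAC address are constructed, and the per-port limit is a simplified stand-in for port security.

```python
# Added illustration: a toy model of a switch MAC (CAM) table, not switch firmware.
# Port numbers, table size and MAC values are constructed for the example.

class ToySwitch:
    def __init__(self, ports, cam_size, port_max=None):
        self.ports = set(ports)
        self.cam_size = cam_size   # total entries the table can hold
        self.port_max = port_max   # per-port address limit; None = no limit
        self.cam = {}              # source MAC -> port it was learned on
        self.violations = 0        # frames dropped by the per-port limit

    def receive(self, in_port, src, dst):
        """Process one frame and return the set of ports it is sent out of."""
        if src not in self.cam:
            learned_here = sum(1 for p in self.cam.values() if p == in_port)
            if self.port_max is not None and learned_here >= self.port_max:
                self.violations += 1
                return set()       # simplified violation handling: drop, do not learn
            if len(self.cam) < self.cam_size:
                self.cam[src] = in_port
            # else: the table is full and this address stays unknown
        if dst in self.cam:
            return {self.cam[dst]}         # known destination: one port only
        return self.ports - {in_port}      # unknown destination: sent out everywhere


def run(port_max):
    """PC A on port 1, PC B on port 2, PC C (the flooding host) on port 3."""
    sw = ToySwitch(ports=[1, 2, 3], cam_size=8, port_max=port_max)
    pc_a, pc_b = "aa:aa:aa:aa:aa:0a", "bb:bb:bb:bb:bb:0b"
    # Port 3 presents 20 frames, each with a different constructed source MAC.
    for i in range(20):
        sw.receive(3, f"02:00:00:00:00:{i:02x}", "ff:ff:ff:ff:ff:ff")
    sw.receive(2, pc_b, pc_a)               # PC B talks; the switch tries to learn it
    out_ports = sw.receive(1, pc_a, pc_b)   # PC A -> PC B
    return out_ports, sw.violations


if __name__ == "__main__":
    print("no per-port limit:", run(port_max=None))
    print("limit of 1 per port:", run(port_max=1))
```

Without a limit, the frame from PC A to PC B leaves on ports 2 and 3, so PC C sees it; with a limit of one address per port it leaves only on port 2 and the dropped frames are counted as violations.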
