MAC flooding

from Wikipedia, the free encyclopedia

MAC flooding is an attack technique used to flood the source address table of a switch with fake MAC addresses .

With a Denial of Service , massive amounts of data packets are smuggled into a switched Ethernet , all of which contain a different MAC address. The switch now saves every single one of the falsified / generated MAC addresses until its source address table overflows. In this case, the switch switches to a so-called “failopen mode”. This means that all packets, whether unicast or broadcast, as with a hub , are sent to all connected network participants. This gives an attacker the opportunity to record ( sniff ) the network traffic .


  • Paul Sebastian Ziegler: Network attacks from within. 1st edition, O'Reilly Verlag, Cologne 2008, ISBN 978-3-89721-778-2 .
  • Christoph Sorge, Nils Gruschka, Luigi Lo Iacono: Security in communication networks. Oldenbourg Wissenschaftsverlag, Munich 2013, ISBN 978-3-486-72016-7 .
  • Sean-Philip Oriyano: Hacker Techniques, Tools, and Incident Handling. Second Edition, Jones & Bartlett Learning, Burlington 2014, ISBN 978-1-284-03171-3 .
  • Wayne Lewis: LAN Switching and Wireless, CCNA Exploration Companion Guide. Cisco Press, Indianapolis 2009, ISBN 978-1-58713-207-0 .
  • Mohssen Mohammed, Habib-ur Rehman: Honeypots and Routers. Collecting Internet Attacks, Taylor & Francis Group, Boca Raton 2016, ISBN 978-1-4987-0220-1 .

Web links