MAC flooding
MAC flooding is an attack technique used to flood the source address table of a switch with fake MAC addresses .
With a Denial of Service , massive amounts of data packets are smuggled into a switched Ethernet , all of which contain a different MAC address. The switch now saves every single one of the falsified / generated MAC addresses until its source address table overflows. In this case, the switch switches to a so-called “failopen mode”. This means that all packets, whether unicast or broadcast, as with a hub , are sent to all connected network participants. This gives an attacker the opportunity to record ( sniff ) the network traffic .
literature
- Paul Sebastian Ziegler: Network attacks from within. 1st edition, O'Reilly Verlag, Cologne 2008, ISBN 978-3-89721-778-2 .
- Christoph Sorge, Nils Gruschka, Luigi Lo Iacono: Security in communication networks. Oldenbourg Wissenschaftsverlag, Munich 2013, ISBN 978-3-486-72016-7 .
- Sean-Philip Oriyano: Hacker Techniques, Tools, and Incident Handling. Second Edition, Jones & Bartlett Learning, Burlington 2014, ISBN 978-1-284-03171-3 .
- Wayne Lewis: LAN Switching and Wireless, CCNA Exploration Companion Guide. Cisco Press, Indianapolis 2009, ISBN 978-1-58713-207-0 .
- Mohssen Mohammed, Habib-ur Rehman: Honeypots and Routers. Collecting Internet Attacks, Taylor & Francis Group, Boca Raton 2016, ISBN 978-1-4987-0220-1 .
Web links
- What is MAC flooding? How to prevent it? (accessed on August 3, 2017)
- Attacks on addressing in the LAN (accessed on August 3, 2017)
- Learning-mac-addresses-and-frames-flooding (accessed August 3, 2017)
- Solutions for LAN Protection (accessed August 3, 2017)
- Protection against ARP attacks (accessed August 3, 2017)