In a typical MAC flooding attack, a switch is flooded with packets, each containing different source MAC addresses. The intention is to consume the limited memory set aside in the switch to store the MAC address-to-physical port translation table. This attack causes the switch to enter a state called failopen mode, in which all incoming packets are broadcast out on all ports (as with a hub), instead of just down the correct port as per normal operation. A malicious user could then use a packet sniffer running in promiscuous mode to capture sensitive data from other computers, which would not be accessible were the switch operating normally.

Cisco gives you the opportunity to protect against this attack by limiting and/or hardwiring some MAC addresses to a dedicated port.

Suppose a switch has three PCs attached: PC A, PC B and PC C. In the normal situation, when PC A sends a packet to PC B, PC C does not see the packets sent between PC A and PC B. This is because the three PCs are connected to a switch and not to a hub.

Under a MAC flooding attack, the switch behaviour is different. During the attack, the attacker (in this instance PC C) floods the switch with packets, each with a different source MAC address. If the Content Addressable Memory (the memory where the MAC addresses are stored) is full, the switch works like a hub, so if PC A sends a packet to PC B, the packet will be received by PC C too.

Cisco has implemented a feature, called switchport port-security, to protect against this type of attack. You can use the port security feature to restrict input to an interface by limiting and identifying MAC addresses of the stations allowed to access the port. There are three types of secure MAC addresses:

Shutdown: In this mode, a port security violation causes the interface to immediately become error-disabled, and turns off the port LED. It also sends an SNMP trap, logs a syslog message, and increments the violation counter.
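
The behaviour described above, as an added example that is not part of the original post and is not Cisco code: a toy Python model of a learning switch that compares where an A-to-B frame is delivered with port security off and with a per-port MAC limit in shutdown mode. The class, the table size, the limit and the MAC addresses are constructed assumptions, and address ageing is left out.

```python
# Added illustration: a toy learning switch, not Cisco code. Address ageing is omitted.
PORTS = ("A", "B", "C")                      # one PC per port, as in the text
MAC_A, MAC_B = "02:aa:00:00:00:01", "02:bb:00:00:00:01"   # constructed MACs

class Switch:
    def __init__(self, cam_size, max_macs_per_port=None):
        self.cam_size = cam_size             # capacity of the MAC table (CAM)
        self.limit = max_macs_per_port       # None means port security is off
        self.cam = {}                        # source MAC -> port it was learned on
        self.err_disabled = set()            # ports shut down by a violation
        self.violations = {}                 # port -> violation counter

    def receive(self, port, src, dst):
        """Process one frame and return the ports it is forwarded out of."""
        if port in self.err_disabled:
            return []                        # error-disabled port passes nothing
        if src not in self.cam:
            on_port = sum(1 for p in self.cam.values() if p == port)
            if self.limit is not None and on_port >= self.limit:
                # Shutdown mode: count the violation and error-disable the port.
                self.violations[port] = self.violations.get(port, 0) + 1
                self.err_disabled.add(port)
                return []
            if len(self.cam) < self.cam_size:
                self.cam[src] = port         # learn only while the table has room
        out = self.cam.get(dst)
        if out is not None and out not in self.err_disabled:
            return [out]                     # known destination: one port only
        # Unknown destination: flood out of every other active port, like a hub.
        return [p for p in PORTS if p != port and p not in self.err_disabled]

def demo(max_macs_per_port):
    """PC C sends 20 frames with distinct source MACs, then PC A sends to PC B."""
    sw = Switch(cam_size=8, max_macs_per_port=max_macs_per_port)
    for i in range(20):
        sw.receive("C", f"02:00:00:00:00:{i:02x}", MAC_B)
    return sw, sw.receive("A", MAC_A, MAC_B)

if __name__ == "__main__":
    for limit in (None, 1):
        sw, out = demo(limit)
        print(f"limit={limit}: A->B delivered to {out}, "
              f"err-disabled={sorted(sw.err_disabled)}, violations={sw.violations}")
```

With no limit the table fills with entries learned on port C and the A-to-B frame is also delivered to C; with a limit of one address per port, port C is error-disabled on its second source address and the frame reaches only B.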