What is a MAC Flooding? MAC flooding is a network sniffing te | Hackers Private Link

What is a MAC Flooding?

MAC flooding is a network sniffing technique that floods the switch MAC table with fake MAC addresses. This leads to overloading the switch memory and makes it act as a hub. Once the switch has been compromised, it sends the broadcast messages to all computers on a network. This makes it possible to sniff data packets as they sent on the network.

Counter Measures against MAC flooding

Some switches have the port security feature. This feature can be used to limit the number of MAC addresses on the ports. It can also be used to maintain a secure MAC address table in addition to the one provided by the switch.

Authentication, Authorization and Accounting servers can be used to filter discovered MAC addresses.

Sniffing Counter Measures

Restriction to network physical media highly reduces the chances of a network sniffer been installed

Encrypting messages as they are transmitted over the network greatly reduces their value as they are difficult to decrypt.

Changing the network to a Secure Shell (SSH)network also reduces the chances of the network been sniffed.