![]() ![]() The goal of Port Security is to prevent a network attacker from sending large number of Ethernet Frames with forged fake source MAC addresses to a Switch interface. ![]() Port security feature is meant for access ports and it will not work on trunk ports, Ether-channel ports or SPAN (Switch Port Analyzer) ports. DHCP starvation attacks can result in depletion of available IP addresses in DHCP Server scope. Port security feature can also protect the switch from DHCP starvation attacks, where a client start flooding the network with very large number of DHCP requests, each using a different source MAC address. Port Security feature can protect the switch from MAC flooding attacks. MAC flooding attack can soon drain the memory resources allocated for MAC address table and later the switch will start behaving like a network Hub. MAC address flooding attack (CAM table flooding attack) is a type of network attack where an attacker connected to a switch port floods the switch interface with very large number of Ethernet frames with different fake source MAC address. Before continuing, visit the following link to learn more about MAC flooding attack
0 Comments
Leave a Reply. |