[Gllug] A little OT: On the limits of VLANs

Dan danthegeekman at googlemail.com
Fri May 14 12:33:43 UTC 2010


On Fri, Apr 30, 2010 at 12:51 AM, general_email at technicalbloke.com <
general_email at technicalbloke.com> wrote:

> Also I was advised of a potential "mac flooding"? attack that might
> force a switch to fail over into a hub mode of operation. I'd also like
> to check if my new switch is vulnerable to that attack, any ideas what
> it's actually called, or what tool(s) can create it?
>

If you're still interested.  On Cisco stuff I think it's called 'port
security'.  This will prevent a single port from allowing an undesirable
number of MAC addresses being used by one port.  Thus you can't often
overflow the CAM table which stores the MAC addressing to physical port
mapping.  If this isn't enabled though you can overflow the CAM table and
then the device will move into the fail-open mode and basically operate as a
hub.

To test you can use macof which is part of dSniff and comes with Backtrack
Linux.

What simple version of Linux did you go for in the end?  I've used Xubuntu &
Fluxbuntu in the past.

Dan
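
As an added example (not part of the original post), here is a check of the kind port security automates: it counts dynamically learned MAC addresses per port from Cisco-style `show mac address-table` output and flags access ports above a limit. The sample table, the limit of 2, the uplink name Gi0/1 and the CAM capacity are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of `show mac address-table` output (not from the original post).
SAMPLE_TABLE = """\
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    0011.2233.4455    DYNAMIC     Fa0/1
   1    0011.2233.4456    DYNAMIC     Fa0/2
   1    5e1f.0a00.0001    DYNAMIC     Fa0/7
   1    5e1f.0a00.0002    DYNAMIC     Fa0/7
   1    5e1f.0a00.0003    DYNAMIC     Fa0/7
   1    5e1f.0a00.0004    DYNAMIC     Fa0/7
  10    0011.2233.4457    DYNAMIC     Gi0/1
  10    0011.2233.4458    DYNAMIC     Gi0/1
  10    0011.2233.4459    DYNAMIC     Gi0/1
   1    0100.0ccc.cccc    STATIC      CPU
Total Mac Addresses for this criterion: 10
"""

# One table row: VLAN id, dotted-hex MAC, entry type, port name.
ROW = re.compile(r"^\s*(\d+)\s+((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+(\w+)\s+(\S+)\s*$", re.I)

def macs_per_port(table_text):
    """Return {port: set of dynamically learned MACs} parsed from the table text."""
    learned = defaultdict(set)
    for line in table_text.splitlines():
        m = ROW.match(line)
        if m and m.group(3).upper() == "DYNAMIC":  # static/CPU entries are not learned
            learned[m.group(4)].add(m.group(2).lower())
    return learned

def ports_over_limit(table_text, max_macs=2, uplinks=()):
    """Ports that learned more MACs than an access port should; uplinks are exempt."""
    counts = {p: len(m) for p, m in macs_per_port(table_text).items()}
    return {p: n for p, n in sorted(counts.items()) if n > max_macs and p not in uplinks}

def cam_utilisation(table_text, capacity):
    """Fraction of the CAM table in use; capacity (entries) is switch-specific."""
    used = sum(len(m) for m in macs_per_port(table_text).values())
    return used / capacity

if __name__ == "__main__":
    # Gi0/1 is assumed to be the uplink, so several MACs behind it are expected.
    print(ports_over_limit(SAMPLE_TABLE, max_macs=2, uplinks=("Gi0/1",)))
    print(f"{cam_utilisation(SAMPLE_TABLE, capacity=8192):.4%} of CAM in use")
```

A port flagged here is a candidate for a port-security limit; a rapidly rising utilisation figure across polls is the symptom of the flooding described above.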