Posts Tagged ‘catalyst’
June 18th, 2008 | 
Author:
Configuring port security
A switch without port security allows attackers to connect to unused, ports and gather info or attack the network. All ports should be secured before a switch is deployed. Port security limits the number of MAC addresses allowed on port.
If you limit the number to 1 & assign a single MAC address only the pc attached is allowed to connect via that port, when that number is reached a security violation occurs.
Security on a switch
eMac address flooding or overflow attacks
Switches learn a source MAC address from the MAC address table
If a frame enters a switch and it does not find the destination MAC address in the table, the switch acts like a hub and floods it out all ports. Mac address tables have a limited size.
MAC address flooding uses this limitation to bombard the switch with fake addresses until the table is full. The switch then enters fail-open mode and will act like a hub.
As a result, an attacker can see all of the frames passing through the switch.