From the course: Wireshark: Network Troubleshooting
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Examining macof attacks - Wireshark Tutorial
From the course: Wireshark: Network Troubleshooting
Examining macof attacks
- [Instructor] In this segment, we'll talk about a macof Attack. We'll discuss how it works. We'll look at the signature and then discuss ways to prevent this type of attack. Now on a switch there's what's called a switching or MAC address table. You might also hear it called a CAM table or content addressable memory. Now this table holds the pairings of MAC addresses and their associated switch ports so it knows where to deliver the data. Now this table can contain thousands of these pairings. A macof Attack will flood this table and overwhelm the switch with thousands of bogus entries. At that point, this switch will simply act like a hub and allow all the traffic to flow out all the ports. So you can follow along, I'm at this webpage, and I want you to select this scc-macof.pcapng, and I've downloaded it and opened it in Wireshark. Now once you open it up and here you can see under the status bar, there are over…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.