Home page logo

basics logo Security Basics mailing list archives

RE: how to flood the mac address table of a switch?
From: "Shawn Jackson" <sjackson () horizonusa com>
Date: Mon, 1 Dec 2003 11:49:56 -0800

        There is a program called macof. Its part of a package called DSniff which you can get here 
http://www.monkey.org/~dugsong/dsniff/. DSniff is a Linux suite but macof was based off of a program for the UNIX OS, 
It's been years and I can't remember the name of the program. You can also find some ARP tools at 
http://neworder.box.sk/codebox.links.php?key=arptl. At least on Cisco's switch line you can defeat ARP floods by 
enabling port security, but make sure you know the implications of that before you do. Some 'anti-arp' protections can 
be 'overly protective' especially on networks with mis-configured or chatty DHCP servers.

Shawn Jackson
Systems Administrator
Horizon USA
1190 Trademark Dr #107
Reno NV 89521
Email: sjackson () horizonusa com
Phone: (775) 858-2338
       (800) 325-1199 x338

-----Original Message-----
From: Hans Müller [mailto:ndof () gmx li] 
Sent: Monday, December 01, 2003 9:17 AM
To: security-basics () securityfocus com
Subject: how to flood the mac address table of a switch?

How can flood the mac address table of a switch, to see that the security 
function of my switch work?



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]