Port security mac-address which can be dynamic or sticky (Discussed in the next lab), the maximum MAC addresses that can be associated with a particular port and the violation action rather it protect, restrict or shutdown the port once the max MAC address limit has been exceeded or a device does not match the configured MAC address on the port security configuration. There are several configuration requirements to enable port-security correctly such as port security mac address aging which sets a timeout timer which is used to determine how long a MAC address should stay associated with a particular port. one MAC for the built in phone switch, another MAC for the phone its self and the last mac for the directly connected PC. When you connect a phone to the network it will advertise three MAC addresses to the switch. Why 3? Most Networks envision a future where VoIP will be utilized on their network and when using a Cisco VoIP Solution, the Cisco VoIP Phone has a built in mini switch.
Ideally, no more then three MAC addresses should be learned at any given time on a Cisco network. Port Security is essentially a layer 2 security mechanism that can limit the number of mac addresses that can be learned on a single switch port or perhaps be used as a security barrier to prevent anyone from unplugging a network device and plugging in a new device without authorization. They know if they can flood the switch with thousands of fake mac addresses then the switch will become basically a hub and all traffic will be forwarded to their machine, in this case they could sniff telnet or any other insecure protocol used in the environment to gain further access into the network.Ī way to prevent this “mac address table poisoning” vulnerability is to use a feature called “Port Security” Hackers know this and they will use this to gain access into a network. It’s common knowledge that when a switch reaches the maximum limit for its mac address table it starts flooding traffic out all ports like a hub.
0 kommentar(er)
