MicroNugget: What is a CAM Table Overflow Attack?


In this video, Keith Barker covers CAM table overflow attacks and how to prevent them. A potential eavesdropper on your switch may try to use a CAM table overflow attack in order to view every frame that passes through the switch. Learn to identify one and prevent it.

Imagine this: you've got a disgruntled employee or an unscrupulous competitor who wants to try and peer into your network by seeing all the traffic that passes through a switch.

Normally, one of the benefits of a Layer 2 switch is that it learns which source MAC address is reachable through which port and then forwards each frame only to the port where its destination address was learned. This provides a simple form of security: traffic automatically goes only where it is intended.

That behaviour depends on the content addressable memory (CAM) tables in which the switch stores every source address it has seen and the port it was seen on. With the right tools, those CAM tables can be flooded with fake address entries.

When the CAM tables overflow, the switch "forgets" who is where and instead floods every frame it receives out every port. Now an eavesdropper sees every frame that passes through that switch.
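To make the mechanism concrete, here is a small Python model of a CAM table. It is an added example for this page, not code from CBT Nuggets or the video: it learns source MACs per port, forwards known destinations to a single port, floods unknown ones, stops learning once its capacity is reached, ages entries out, and can optionally enforce a per-port MAC limit in the style of port security. The capacity, aging time, hosts and addresses are constructed for illustration, and the "full table learns nothing new" behaviour is a simplifying assumption; real platforms differ in the details.

```python
"""Toy model of a Layer 2 switch CAM (MAC address) table.

Constructed example: learn source MAC -> port, forward known destinations to
one port, flood unknown destinations, and show what a full table does to
legitimate traffic.  A per-port MAC limit (port-security style) is modelled
as the mitigation.  Capacities, addresses and the aging timer are made up.
"""
from dataclasses import dataclass, field
from typing import Optional

FLOOD = "FLOOD"      # forwarding decision: copy the frame to every other port
DROP = "DROP"        # frame discarded by port security
AGING_SECONDS = 300  # logical aging timer for learned entries (assumed value)


@dataclass
class Switch:
    cam_capacity: int                          # total entries the table can hold
    port_security_max: Optional[int] = None    # max MACs per port; None = disabled
    cam: dict = field(default_factory=dict)    # mac -> (port, last_seen)
    seen_on_port: dict = field(default_factory=dict)  # port -> set(macs)
    err_disabled: set = field(default_factory=set)
    violations: list = field(default_factory=list)

    def _age_out(self, now: int) -> None:
        """Drop entries not refreshed within AGING_SECONDS."""
        stale = [m for m, (_, seen) in self.cam.items() if now - seen > AGING_SECONDS]
        for mac in stale:
            del self.cam[mac]

    def _port_security_ok(self, src: str, in_port: int) -> bool:
        """Allow at most port_security_max distinct source MACs per port."""
        if self.port_security_max is None:
            return True
        macs = self.seen_on_port.setdefault(in_port, set())
        if src in macs or len(macs) < self.port_security_max:
            macs.add(src)
            return True
        # Violation in "shutdown" mode: the port is error-disabled.
        self.err_disabled.add(in_port)
        self.violations.append((in_port, src))
        return False

    def receive(self, src: str, dst: str, in_port: int, now: int):
        """Process one frame; return the egress port, FLOOD or DROP."""
        if in_port in self.err_disabled or not self._port_security_ok(src, in_port):
            return DROP
        self._age_out(now)
        # Learn or refresh the source.  Assumption: a full table learns nothing new.
        if src in self.cam or len(self.cam) < self.cam_capacity:
            self.cam[src] = (in_port, now)
        entry = self.cam.get(dst)
        return FLOOD if entry is None else entry[0]


def bogus_mac(i: int) -> str:
    """Locally administered, constructed source address number i."""
    return f"02:00:00:{(i >> 16) & 0xff:02x}:{(i >> 8) & 0xff:02x}:{i & 0xff:02x}"


def run_scenario(port_security_max: Optional[int] = None):
    """Hosts A (port 1) and B (port 2) talk; a third station on port 3 then
    fills the table; A talks to B again once the old entries have aged out.
    Returns (A->B decision before, A->B decision after, CAM size, err-disabled ports)."""
    sw = Switch(cam_capacity=1000, port_security_max=port_security_max)
    host_a, host_b = "aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:02"
    sw.receive(host_a, host_b, in_port=1, now=0)          # B unknown yet -> FLOOD
    sw.receive(host_b, host_a, in_port=2, now=0)          # B learned on port 2
    before = sw.receive(host_a, host_b, in_port=1, now=1)  # known -> port 2
    # Station on port 3 sends frames with many different source addresses.
    later = AGING_SECONDS + 10
    for i in range(sw.cam_capacity):
        sw.receive(bogus_mac(i), "ff:ff:ff:ff:ff:ff", in_port=3, now=later)
    # A's and B's entries have aged out; can B be learned again?
    sw.receive(host_b, host_a, in_port=2, now=later + 1)
    after = sw.receive(host_a, host_b, in_port=1, now=later + 2)
    return before, after, len(sw.cam), sorted(sw.err_disabled)


if __name__ == "__main__":
    print("no port security :", run_scenario())
    print("port security max=1:", run_scenario(port_security_max=1))
```

Without the per-port limit the second A-to-B frame is flooded to every port, because the table is full of fake entries and B cannot be re-learned. With `port_security_max=1` the second foreign address on port 3 error-disables that port, the table stays small, and A-to-B traffic keeps going only to port 2.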

Keith explains the process of a CAM table overflow attack, how to identify it, and what you can do to prevent it.

Start learning with CBT Nuggets:

Comments

I knew about MAC flooding, but I thought that by default most switches have separate MAC tables for each port, so when you flood one you block only that particular port, not the entire switch.

tubiak

Keith, if we are pinging from a switch and the destination is a host connected to another switch, and we have a trunk link between the two switches, which VLAN ID will it use to tag the frame before sending it over the trunk link? I mean, the traffic originated from the switch, not from a host in a particular VLAN.

bijubalan