![how to mitigate mac address flooding how to mitigate mac address flooding](https://documento.mx/img/detail/5c1154bd90969.jpg)
![how to mitigate mac address flooding how to mitigate mac address flooding](https://www.informatique-mania.com/wp-content/uploads/2020/12/¿Qué-es-un-ciberataque-de-MAC-Flooding-y-para-qué-sirve.jpg)
of Electronics and Communication Engineering, Gyan Vihar School of Engneering Technology, Suresh Gyan Vihar University Jaipur,Ībstract:- Wireless Sensor Network (WSN) is an emerging technology due to its wide range of applications in public and military area. To bring this interface back up, you need to issue a shutdown command and then a no shutdown command under the interface.How to Detect and Mitigate Sinkhole Attack in Wireless Sensor Network (WSN)ĭept. For example: R1#conf tįastEthernet0/2 is down, line protocol is down (errdisabled)Īs can be seen in the output above, the violation counter has incremented and the interface is now in an errdisabled mode, which basically means it has been shut down due to a port security violation. NOTE: If you wanted to test your port security configuration, you could simply change the MAC address of FastEthernet0/0 on R1 to 000a.bc01.2300, and then you would see a port security violation. Secure Port MaxSecureAddr CurrentAddr SecurityViolation Sec Action Sw1(config-if)#switchport port-security violation shutdown Sw1(config-if)#switchport port-security maximum 1 !!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 0/0/0 ms Task 4: Sw1#conf tĮnter configuration commands, one per line. Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds: %LINK-5-CHANGED: Interface Vlan10, changed state to up Task 3:įor reference information on configuring router IP interfaces, please refer to earlier labs. It must be manually set to trunk or access. The port can’t be dynamic if you intend to add port security. Task 2:įor reference information on configuring VLANs, please refer to earlier labs.
How to mitigate mac address flooding verification#
Configuration and Verification Task 1:įor reference information on configuring hostnames, please refer to earlier labs. Verify your configuration with port-security commands in Cisco IOS. In the event of port security configuration violations, where more than one MAC address is observed on that interface, the switch should shut the interface down. Task 4:Ĭonfigure port security on port FastEthernet0/2 on Sw1 so that only one MAC address is allowed to be learned on that interface. Verify that R1 can ping Sw1, and vice versa. Task 3:Ĭonfigure IP address 10.0.0.1/30 on R1’s FastEthernet0/0 interface and IP address 10.0.0.2/30 on Sw2’s VLAN10 interface. Task 2:Ĭreate VLAN10 on Sw1 and assign port FastEthernet0/2 to this VLAN as an access port. Please use the following topology to complete this lab exercise:Ĭonfigure hostnames on Sw1 and R1 as illustrated in the topology. When you are ready for your certification exam, you should complete this lab in no more than 15 minutes.
![how to mitigate mac address flooding how to mitigate mac address flooding](https://i.ytimg.com/vi/1p1M75HXZcc/hqdefault.jpg)
This lab has a difficulty rating of 8/10. This lab is suitable for CCNA certification exam preparation.
How to mitigate mac address flooding how to#
As a Cisco engineer, as well as in the Cisco CCNA exam, you will be expected to know how to configure port security to mitigate MAC flooding attacks. A common Denial of Service technique used to cripple switched networks is MAC flooding. By default, there is no limit on MAC addresses that can be learned on a port. This is accomplished by limiting the number of MAC entries that are allowed to be learned on a port. The objective of this lab exercise is to configure basic switch security to prevent MAC address flooding on switchports.