1
00:00:00,110 --> 00:00:06,770
So I bet you're hoping to learn how to prevent Mac flooding attacks and you've come to the right place.

2
00:00:07,250 --> 00:00:13,040
To prevent the Mac flooding attacks, network operators usually rely on the presence of one or more

3
00:00:13,040 --> 00:00:15,020
features in their network equipment.

4
00:00:15,710 --> 00:00:19,760
With a feature often called port security by vendors.

5
00:00:20,120 --> 00:00:25,910
Many advanced switches can be configured to limit the number of Mac addresses that can be learned on

6
00:00:25,910 --> 00:00:28,040
ports connected to end stations.

7
00:00:28,870 --> 00:00:34,570
Many vendors allow discovered Mac addresses to be authenticated against an authentication, authorization

8
00:00:34,570 --> 00:00:38,890
and accounting or triple A server and subsequently filtered.

9
00:00:39,870 --> 00:00:49,380
Implementations of IEEE 802.1 X Suites often allow packet filtering rules to be installed explicitly

10
00:00:49,380 --> 00:00:56,280
by a server based on dynamically learned information about clients, including the Mac address.

11
00:00:57,370 --> 00:01:05,019
Security features to prevent ARP spoofing or IP address spoofing in some cases may also perform additional

12
00:01:05,019 --> 00:01:08,350
Mac address filtering on unicast packets.

13
00:01:08,590 --> 00:01:11,800
However, this is an implementation dependent side effect.