![]() Once the CAM table is broken, an ARP spoofing attack becomes possible - the attacker sends ARP packets to the router that instruct it to associate the victim IP address with the attacker MAC address, routing all victim traffic to the attacker machine. The CAM table is the weak point of the system - if the CAM table breaks, then the router can't properly keep track of what MAC addresses it has seen before, or which MAC addresses have been assigned which IP addresses. To do that, the router uses a CAM table, which is a table of all MAC addresses the router has seen. ![]() It is important for a router or DHCP server to keep track of the different MAC addresses it has seen, so that it can recognize a returning device versus new devices. The MAC address is associated with OSI Level 2 (Device), while the IP address is associated with OSI Level 3 (Network). MAC addresses are important on local networks because the DHCP server (or router) needs some way to identify different machines in order to hand out IP addresses. In practice, the MAC address can be controlled and spoofed. In theory, no two mac addresses should be the same. A MAC address is a digital fingerprint that is associated uniquely with a physical device.
0 Comments
Leave a Reply. |