Switch learning broadcast addresses attack


I watched Keith's video: Introduction to Layer-2 switching.
At the end of the video Keith was talking about why a switch will always flood a frame with a broadcast dst address. The reason was that a switch only learns the MAC address of the source, and a frame will never have a broadcast source address.

This makes sense to me, but I was wondering: what if someone creates a malicious frame with a broadcast address as the source? Will the switch learn the MAC and forward every frame after this only to the attacker in the network? If so, is this not a big security issue?



  • Interesting question. Is there an operating system that allows a host device to utilize a broadcast address as its static IP address? That being said, network devices can take on a "pseudo-broadcast" address as described in RFC 3021.

  • My guess is that a switch cannot learn a broadcast address as a source. The IOS code does not allow it.
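
The behaviour guessed at in the last reply, as an added example that is not part of the thread and not Cisco IOS code: a toy learning switch that refuses to learn any source MAC with the group (I/G) bit set, which includes ff:ff:ff:ff:ff:ff, so frames to the broadcast destination keep being flooded. The class and function names, the choice to discard and record the offending frame, and the sample frames are assumptions constructed for illustration.

```python
# Toy model of transparent-bridge MAC learning (illustrative, not vendor code).
BROADCAST = "ff:ff:ff:ff:ff:ff"

def is_group(mac: str) -> bool:
    """True when the I/G bit (lowest bit of the first octet) is set."""
    return bool(int(mac.split(":")[0], 16) & 0x01)

class LearningSwitch:
    def __init__(self, ports):
        self.ports = set(ports)
        self.table = {}      # learned MAC -> port
        self.rejected = []   # (port, src) of frames with an invalid source, for alerting

    def receive(self, in_port, src, dst):
        """Process one frame and return the set of egress ports."""
        src, dst = src.lower(), dst.lower()
        if is_group(src):
            # A group address never identifies one station: never learn it.
            # Assumption of this model: the frame is also discarded and recorded.
            self.rejected.append((in_port, src))
            return set()
        self.table[src] = in_port
        if is_group(dst) or dst not in self.table:
            return self.ports - {in_port}          # flood
        out = self.table[dst]
        return set() if out == in_port else {out}  # known unicast

def demo():
    """Run constructed sample frames through a 3-port switch."""
    sw = LearningSwitch([1, 2, 3])
    frames = [  # (ingress port, source MAC, destination MAC), all constructed
        (1, "00:11:22:33:44:01", BROADCAST),            # normal broadcast
        (2, "00:11:22:33:44:02", "00:11:22:33:44:01"),  # known unicast
        (3, BROADCAST, "00:11:22:33:44:01"),            # broadcast as source
        (1, "00:11:22:33:44:01", BROADCAST),            # broadcast afterwards
    ]
    return sw, [sw.receive(*f) for f in frames]

if __name__ == "__main__":
    sw, egress = demo()
    for ports in egress:
        print(sorted(ports))
    print("table:", sw.table, "rejected:", sw.rejected)
```

The `rejected` list is the part worth wiring to monitoring: a source MAC with the group bit set never comes from a correctly behaving host.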

