#Mac address flooding man in the middle mac#
Hence, the aging time of learned secure MAC addresses is separately adjustable. This feature usually relies on the "port security" feature to retain all secure MAC addresses for at least as long as they remain in the ARP table of layer 3 devices.
![mac address flooding man in the middle mac address flooding man in the middle](https://www.imperva.com/learn/wp-content/uploads/sites/13/2020/03/thumbnail_he-ARP-spoofing-attacker-pretends-to-be-both-sides-of-a-network-communication-channel.jpg)
Additional security measures are sometimes applied along with the above to prevent normal unicast flooding for unknown MAC addresses.Security features to prevent ARP spoofing or IP address spoofing in some cases may also perform additional MAC address filtering on unicast packets, however this is an implementation-dependent side-effect.
![mac address flooding man in the middle mac address flooding man in the middle](https://info.varonis.com/hs-fs/hubfs/Imported_Blog_Media/mitm-prevention.png)
![mac address flooding man in the middle mac address flooding man in the middle](https://mediad.publicbroadcasting.net/p/wual/files/styles/x_large/public/201804/flood.jpg)
The attack works by forcing legitimate MAC table contents out of the switch and forcing a unicast flooding behavior potentially sending sensitive information to portions of the network where it is not normally intended to go. In computer networking, a media access control attack or MAC flooding is a technique employed to compromise the security of network switches. Technique employed to compromise the security of network switches