When an attacker tries to send a large number of invalid MAC addresses to the MAC table, this is known as MAC flooding. The invalid MAC addresses are flooded into the source table. When the MAC table's designated limit is reached, the legitimate MAC addresses begin to be removed.
A MAC address flooding attack (also known as a CAM table flooding assault) is a network attack in which an attacker connected to a switch port floods the switch interface with a huge number of Ethernet messages each with a different false source MAC address.
All MAC flooding tools force a switch to "fail open" so that selective MAC spoofing assaults can be carried out afterwards. A MAC spoofing attack involves a hostile host producing a packet using a genuine source MAC address currently in use on the VLAN. ofing?
On frames sent by the attacker, the source MAC address is changed. It's usually used to get beyond 802.1x port-based security, get over wireless MAC filtering, or mask the attacker's computer's identity.
Mac spoofing is a relatively simple form of computer identity theft, which can be done for good or ill causes. Changing the MAC address on a NIC (network interface controller) card is known as MAC spoofing. At the manufacturer, the MAC address is "burned in." As a result, each network card is shipped with a unique MAC address from the factory.
Cyber Forensics Masterclass with Hands on learning