I have a question in regards to security and a possible effect that can be caused.
I am reviewing over security for my upcoming CCNP switch test and it was talking about two different kinds of attacks: Cam table overflow and Mac Address Spoofing.
When talking about Mac address spoofing it said the following when talking about a host having spoofed another host Mac on the network:
I always thought causing a Denial of Service meant that someone attacked and device and the ISP saw this and then shut down that traffic to that device/port, or that the traffic attack was so heavy that nothing else got through. I cold have sworn that ISP would turn something off if they saw these but maybe I am remembering wrong. I never fully explored knowledge wise the workings as I just always called it DoS and left it at a high level knowledge wise.
I never thought about an individual switch explicitly having a built in feature that would turn off a host being able to connect. Is that what it means by DoS? That the switch turns off a port or has a feature that blocks that host or port?
Or does it jut mean something more implicit in that since traffic is not getting to the host the effect is that of a denial of service.
I know once at our data center some server no longer had access to the internet caused by a DoS attack was that device turned off or the port blocked or by an ISP or the data center or a built in feature of the switch or did they just mean that the traffic attack was so heavy that nothing got through thus more of an implicit meaning that there was a denial of service.
Thanks for any feedback.