• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

macof: command not found

by admin

MAC address flooding is a great way to render a network useless. Basically, through MAC flooding, you can turn the network into a large hub. MAC flooding works by essentially allowing the switch ports to learn as many MAC addresses as they see on their ports, and if no limits on in place, can fill up the TCAM space on the switch. Once this happens, switches turn themselves into hubs, since they can’t store the MAC for the port. They need to send every packet out to every switch to try and get the packet delivered.

Macof is a member of the dsniff suit tool set and is mainly used to flood the switch on a local network with MAC addresses. Macof generates thousands of packets per second, and each packet is sent random source and destination IP addresses. A source and destination MAC address is also different for each Ethernet frame.

macof command not found

The syntax of macof is as follows. Check out the man page or –help to get a full description of the available options:

# macof [-i interface] [-s src] [-d dst] [-e tha] [-x sport] [-y dport] [-n times]

If you encounter below error:

macof: command not found

you may try installing below package as per your choice of distribution.

Distribution Command
Debian apt-get install dsniff
Ubuntu apt-get install dsniff
Arch Linux pacman -S dsniff
Kali Linux apt-get install dsniff
Fedora dnf install dsniff
Raspbian apt-get install dsniff

Summary

MAC addresses are unique identifiers with two assigned parts—the OUI is assigned by IEEE, and the second 24 bits are assigned by the manufacturer. These addresses are stored in a table called the Content Addressable Memory (CAM). Attackers can exploit the CAM table to perform malicious activities. An attack called CAM overflow can be carried out. In other words, attackers overflow the CAM tables by exploiting the maximum limit of the CAM table size. There are many tools available, one of which is macof.

Filed Under: Linux

Some more articles you might also be interested in …

  1. How to disable NUMA on EFI Boot Loaders using GRUB2 (CentOS/RHEL 6)
  2. Troubleshooting common NFS issues in Linux
  3. How to Kill VNC Window Sessions in Linux
  4. CentOS / RHEL : How to allow or deny Users to login to VSFTP Server
  5. Linux OS Service ‘anacron’
  6. How to Remove/ Disable Bash shell Command History on Linux
  7. 10 useful cron examples to schedule jobs in Linux
  8. How to Replace a Failed Btrfs Device
  9. How to install git on ubuntu 16.04
  10. rsyslogd Command Examples in Linux

You May Also Like

Primary Sidebar

Recent Posts

  • vgextend Command Examples in Linux
  • setpci command – configure PCI device
  • db_load command – generate db database
  • bsdtar command – Read and write tape archive files

© 2022 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright