MAC Address Spoofing and Bad IP Release.
Risk Description
MAC address spoofing and Bad IP Release can exploit switches lacking port security by impersonating authorized devices or connecting unauthorized ones.
Existing Controls
No Control
Risk Mitigation Policy
- Configure Port Security Features (e.g. Static MAC Address Binding, Dynamic MAC Address Learning,)
- Configure switches to block MAC Address Spoofing
- Configure STP in the switches to prevent switching loop
- Configure DHCP in proper ways.
- Regularly audit switch configurations
Location/Contact Person details
The chairman of risk management sub-committee in UTAS-SUR
Dr.Sami Al-Batashi, Phone: +968 9293 9604
Email: sami.albattashi@utas.edu.om
Risk Management Authority
Risk Management Committee in UTAS-SUR
Risk Likelihood
Medium
Risk Impact
Medium
Risk Level
Medium
Risk Incident Response Procedures
If MAC spoofing and bad IP release are detected, isolate the suspicious device, clear incorrect IP leases, and reassign valid addresses. Report the incident, document actions taken, and review network security settings to prevent recurrence.
Risk Termination
By sending the final report explaining the problem causes and how we can mitigate next time.