We have met the enemy and he is us
Our normally reserved attackers apparently became frustrated or angry yesterday, and instead of the normal host-to-host hopping, password sniffing, and other relatively non-destructive activity, they MAC flooded my router. Filled the CAM tables on all Cisco devices (old Cat4ks that have been on death row for a few years now), wreaking havoc for some, while the HP switches just chugged right along. Having part of your network fall over dead while the rest is seemingly unaffected actually makes debugging harder.
Update: That’s right, it wasn’t part of the attack after all. Somewhere in Packard a student plugged something into the net that should never have been connected, a NetFPGA set up to manufacture MAC addresses. Don’t ask for any details, they’re keeping the student’s identity from me for some reason. 
