



Image credits: Prolexic Security Engineering and Research Team

RIPv1 Protocol

Old, Yet has Massive Potential For DDOS Attacks

Reflection attacks

List Of Vulnerable devices

Remedial Measures





RIPv1, the short form of, is a long-deprecated routing protocol used still in some home office and small business routers. It has been discontinued since 1996.As observed by the researchers at Akamai’s, hackers were able to produce a DDOS attack peaked at 12.9 Gbps just by using 500 out of 53,693 devices which still uses the RIPv1 protocol. Imagine the power if they leveraged all the vulnerable devices !! Further, the unused devices could be put to work in larger and more distributed attacks.The attacker forges its victim’s IP addresses in order to establish the victim’s systems as the source of requests sent to a massive number of machines. The recipients of those requests then issue an overwhelming flood of responses back to the victim’s network, ultimately crashing that network.It would be a better idea to check if your old router falls into any of these series and if yes it's time to upgrade.series routers are still running the vulnerable and ancient RIPv1 protocol on devices. Also, more thancollectively are vulnerable. Most of the Netopia routers are issued by AT&T to customers in the U.S. BellSouth and MegaPath also distributes the routers so it would be wise to check them too.The depreciated RIPv1 protocol is the culprit here, doesn't obviously the first solution would be toor a later version.-this attack leverages devices don't ask for authentication.through an access control list and allowing only known routers through is also suggested.