February 2018
Intermediate to advanced
396 pages
9h 38m
English
Content preview from Advanced Infrastructure Penetration Testing
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
RIPv1 reflection DDoS
RIPv1, as I mentioned previously, is an old routing protocol, but attackers revived it. For example, in 2015, researchers at Akamai's Prolexic Security Engineering and Research Team (PLXsert) spotted a huge DDoS attack with 12.9 Gbps peak. Attackers used an amplified and reflected DDoS attack. In this attack, hackers craft a normal RIPv1 request query and used spoofed IP addresses which are same as that of the target. In order to defend against this type of attack, it is recommended to use RIPv2 instead of the older version. Also, you need to use access lists and block UDP packets from port 520.