| VID |
13007 |
| Severity |
30 |
| Port |
520 |
| Protocol |
RIP |
| Class |
Protocol |
| Detailed Description |
The host is running RIP version 1 that is easily spoofable protocol.
The Routing Information Protocol (RIP) is a distance vector based routing protocol. All routing decisions are based on the number of hops. An Autonomous System (AS) is the overall administrative entity comprised of hosts, routers, and other network devices. RIP is known as an Interior Gateway Protocol (IGP) since it only works within a specific AS.
RIP vervion 1 is inherently insecure since it has no authentication mechanism, and RIP packets can be easily spoofed.
* References:
http://www.iss.net/security_center/static/680.php |
| Recommendation |
Use RIP version 2 with it's MD5 security mechanisms in place, or migrate to alternate routing protocols, such as OSPF with MD5 authentication.
-- OR --
Prevent RIP traffic from entering your network by blocking port 520 UDP at your border router. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
