12.5 Gbps RIPv1 DDoS
Reflector type attack where the victim’s IP is spoofed as destination of a RIPv1 message that sends back routing table responses.
Interesting thought is Akamai’s recommendation for mitigation: as it is impossible for manufacturers of all kinds of small & SOHO routers to begin updating all devices to disable RIPv1 by default (many devices are end of life and no longer supported), the recommendation is to have ISPs think about blocking that RIPv1 traffic. Obviously a touchy subject, but already today some ISPs block by default some ports for residential users as a security measure. If a user wants he can have the ports activated. (usually only expert users request this, who know what they are doing – or are more likely to know)
It’s time to declare RIPv1 to Rest In Peace.