64 lines
4.1 KiB
HTML
64 lines
4.1 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="concept" />
|
||
|
<meta name="DC.Title" content="Security considerations for using RouteD" />
|
||
|
<meta name="abstract" content="This topic discusses security considerations for using the Route Daemon (RouteD) server. RouteD, provides support for the Routing Information Protocol on the system." />
|
||
|
<meta name="description" content="This topic discusses security considerations for using the Route Daemon (RouteD) server. RouteD, provides support for the Routing Information Protocol on the system." />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzamvtcpsetupsecurity.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="tcprouted" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Security considerations for using RouteD</title>
|
||
|
</head>
|
||
|
<body id="tcprouted"><a name="tcprouted"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Security considerations for using RouteD</h1>
|
||
|
<div><p>This topic discusses security considerations for using
|
||
|
the Route Daemon (RouteD) server. RouteD, provides support for the Routing
|
||
|
Information Protocol on the system.</p>
|
||
|
<p>The Route Daemon (RouteD) server provides support for the Routing Information
|
||
|
Protocol (RIP) on IBM<sup>®</sup> Systems. RIP is the most widely used of routing protocols.
|
||
|
It is an Interior Gateway Protocol that assists TCP/IP in the routing of IP
|
||
|
packets within an autonomous system. </p>
|
||
|
<div class="p">RouteD is intended to increase the efficiency of network traffic by allowing
|
||
|
systems within a trusted network to update each other with current route information.
|
||
|
When you run RouteD, your system can receive updates from other participating
|
||
|
systems about how transmissions (packets) should be routed. Therefore, if
|
||
|
your RouteD server is accessible to a hacker, the hacker might use it to reroute
|
||
|
your packets through a system that can sniff or modify those packets. Following
|
||
|
are suggestions for RouteD security:<ul><li>IBM Systems
|
||
|
use RIPv1, which does not provide any method for authenticating routers. It
|
||
|
is intended for use within a trusted network. If your system is in a network
|
||
|
with other systems that you do not <span class="q">"trust,"</span> you should not run the RouteD
|
||
|
server. To ensure that the RouteD server does not start automatically, type
|
||
|
the following: <kbd class="userinput">CHGRTDA AUTOSTART(*NO)</kbd></li>
|
||
|
<li>Make sure that you control who can change the RouteD configuration, which
|
||
|
requires *IOSYSCFG special authority. </li>
|
||
|
<li>If your system participates in more than one network (for example, an
|
||
|
intranet and the Internet), you can configure the RouteD server to send and
|
||
|
accept updates only with the secure network.</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div>
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvtcpsetupsecurity.htm" title="The following information guides you through the process of setting up TCP/IP security.">Set up TCP/IP security</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|