[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks
- Subject: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks
- From: cb.list6 at gmail.com (Ca By)
- Date: Tue, 27 Feb 2018 22:26:25 +0000
- In-reply-to: <[email protected]>
- References: <[email protected]> <CAD6AjGQx__RNnWADF=TnaUBjN+fVpezQpM9qmFMF_G0KSj3LrQ@mail.gmail.com> <[email protected]>
On Tue, Feb 27, 2018 at 1:54 PM Chip Marshall <chip at 2bithacker.net> wrote:
> On 2018-02-27, Ca By <cb.list6 at gmail.com> sent:
> > Please do take a look at the cloudflare blog specifically as they name
> and
> > shame OVH and Digital Ocean for being the primary sources of mega crap
> > traffic
> >
> >
> https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/
> >
> > Also, policer all UDP all the time... UDP is unsafe at any speed.
>
> Hi, DigitalOcean here. We've taken steps to mitigate this attack on our
> network.
>
> Also, we've only seen udp/11211 being a problem. I'd be interested to
> hear of anyone seeing tcp/11211 attacks.
>
Thanks DO!
Just udp.
> --
> Chip Marshall <chip at 2bithacker.net>
> http://2bithacker.net/
>