An interesting thing is happening around the Internet in the past week with a new type of Distributed Denial of Service(DDoS) attack. Once such attack sent 1.35 terabits of data per second to GitHub taking the site down for five minutes before being mitigated. These attacks are a bit different from the past where compromised systems were aggregated into Botnets to send large amounts of traffic to a victim. They only need one server – an improperly configured Memcached.
These attacks known as “Amplification Attacks” are relatively easy to execute with a few simple command line tools. Consider this example:
In less than ½ second we were able to generate 1117 bytes of UDP traffic from a single 16-byte request. Scripting with a loop and you can see the power of such an attack. UDP is perfect for these types of attacks as its design does not check the validity of packets. Therefore, manipulating the source headers of the requests with a victims IP sends the large reflective payloads back to them.
As easy as these attacks are to pull off, they are just as easy to protect against. Simply ensure that the Memcached server is not directly on the Internet listening on port 11211. It should be behind a firewall. Better yet, alter the default configuration to start with TCP only by using the “-U 0” option, this will disable UDP support.
For More Information: https://www.wired.com/story/github-ddos-memcached/
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
|cookielawinfo-checbox-analytics||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".|
|cookielawinfo-checbox-functional||11 months||The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".|
|cookielawinfo-checbox-others||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.|
|cookielawinfo-checkbox-necessary||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".|
|cookielawinfo-checkbox-performance||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".|
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.