Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Enable UDP by default, clean up server socket code (Brian Aker)
git-svn-id: http://code.sixapart.com/svn/memcached/trunk/server@726 b0b603af-a30f-0410-a34e-baf09ae79d0b
- Loading branch information
Showing
1 changed file
with
74 additions
and
126 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2439472
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi,
this commit was starter of current biggest UDP amplification attack with impact bigger than DNS amplification attack.
See https://medium.com/@qratorlabs/the-memcached-amplification-attack-reaching-500-gbps-b439a7b83c98 or https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/.
Thousands of unsecured memcached installations over the world, are part of DDoS attacks with power of few Tbps throughput :-( Our project was first victim in Czech Republic with power about 230 Gbps.
I know, it's primarily about server admins, but it's sad...
2439472
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know it isn't much solace but I've been aware of this for a couple days:
https://github.com/memcached/memcached/wiki/ReleaseNotes156
if you can get the source address of any server, you can also easily disable them:
https://twitter.com/dormando/status/968579781729009664
distro's and vendors should be shutting off UDP going forward.
2439472
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.