Skip to content

UDP Amplification Attacks, result of Memcached UDP port 11211 #348

Closed
@LindenCX

Description

@LindenCX

2439472

The above commit has resulted in the ability to spoof a victim address to public memcache servers around the world, resulting in a massive amount of data returned from the memcache service. (to the victim)

Simple example:
https://blog.cloudflare.com/content/images/2018/02/spoofing.png

These attacks appear to be ranging anywhere from 25Gbps to over 250Gbps.

This has been confirmed on the backlines by many providers, as well as publicly by Cloudflare, and Rapid7.

https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211
https://blog.rapid7.com/2018/02/27/the-flip-side-of-memcrashed/

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions