An interesting read that I found talked about how Memcached servers can be quickly hijacked and compromised to launch large DDoS attacks. IP spoofing combined with poorly implemented UDP puts the servers at risk: attackers send a packet to the server, which in turn greatly increases its size and forwards the attack to the intended target. The fix only involved disabling the UDP port, but the question is how many servers are out there with this setting unknowingly enabled, leaving them hugely vulnerable.
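To answer the "how many servers" question for your own fleet, here is an added example (not from the article) that audits memcached.conf text or command lines for an enabled UDP listener. It assumes memcached's `-U`/`--udp-port` and `-l`/`--listen` options and the older default of UDP 11211 being on when `-U` is absent; the host names and configurations are constructed.

```python
import shlex
# Assumption: memcached builds older than 1.5.6 open UDP 11211 unless "-U 0" is
# given, so a configuration with no -U option is treated as UDP enabled.
LEGACY_DEFAULT_UDP = 11211
LOOPBACK = {"127.0.0.1", "::1", "localhost"}

def _value(tokens, i, short, long_):
    """Return (value, last_index_used) if tokens[i] sets the option, else (None, i)."""
    tok = tokens[i]
    if tok == short and i + 1 < len(tokens):      # "-U 0"
        return tokens[i + 1], i + 1
    if tok.startswith(long_):                     # "--udp-port=0"
        return tok[len(long_):], i
    if tok.startswith(short) and len(tok) > 2:    # "-U0"
        return tok[2:], i
    return None, i

def parse_options(text):
    """Extract (udp_port, listen_addrs) from memcached.conf text or a command line."""
    udp_port, listen = LEGACY_DEFAULT_UDP, []
    for raw in text.splitlines():
        tokens = shlex.split(raw, comments=True)  # ignores "# ..." comments
        i = 0
        while i < len(tokens):
            value, j = _value(tokens, i, "-U", "--udp-port=")
            if value is not None:
                udp_port = int(value)
            else:
                value, j = _value(tokens, i, "-l", "--listen=")
                if value is not None:
                    listen.extend(value.split(","))
            i = j + 1
    return udp_port, listen

def audit(text):
    """'ok' = UDP off; 'warn' = UDP on loopback only; 'risk' = UDP on another address."""
    udp_port, listen = parse_options(text)
    if udp_port == 0:
        return "ok"
    # No -l option means memcached binds every interface.
    exposed = not listen or any(a not in LOOPBACK for a in listen)
    return "risk" if exposed else "warn"

# Constructed sample configurations, keyed by hypothetical host names.
SAMPLES = {
    "cache-a": "-m 64\n-p 11211\n-u memcache\n-l 0.0.0.0\n",
    "cache-b": "# hardened\n-p 11211\n-l 127.0.0.1\n-U 0\n",
    "cache-c": "memcached -d -p 11211 --listen=127.0.0.1",
}
REPORT = {host: audit(conf) for host, conf in SAMPLES.items()}
```

Any host reported as "risk" should get `-U 0` added and its listen address restricted; "warn" hosts still have the UDP listener running and are worth cleaning up too.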
Comments
Donald Hoxhaj says
Shi,
Quite an interesting article that talks about how Memcached servers can be hacked using large DDoS attacks. As far as I know, prevention against DDoS is still under research and in fact many organizations still do not have the best practices to prevent such attacks. Such situations can only be avoided by having a centralized monitoring and triggering system to check port status of all devices rather than doing it manually.