
Memcrashed – Major amplification attacks from UDP port 11211 - rb2e
https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/
======
hitsurume
Anyone run memcache outside their network to be able to get attacked like
this? To be services like memcache, db, etc should all be internal use only
and never allowed access from the outside.

~~~
temprature
There's a lot of people install memcached without realising it listens on all
addresses by default. If you install it and run it via whatever system your
OS/distro uses, you'd never need to look at the man page so you wouldn't find
this out.

------
muglug
I was caught up in this, but luckily my hosting provider (MediaTemple)
disabled my server due to the large bandwidth overruns.

It was fun to spend Sunday night hurriedly reading up on iptables. Still
getting a lot of inbound traffic (everything is getting dropped), but
thankfully no outbound now.

