Home Sign Up Sign In
V2EX = way to explore
V2EX 是一个关于分享和探索的地方
Sign Up Now
For Existing Member  Sign In
miyuki

暴露在公网且默认开启了 UDP 的 memcached 被用来反射攻击

  •   
  •   miyuki · Mar 1, 2018 · 2749 views
    This topic created in 2980 days ago, the information mentioned may be changed or developed.

    https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/

    memcached 默认情况下如未进行过安全配置会监听 INADDR_ANY,并且开启了 UDP 支持

    测试方法

    $ echo -en "\x00\x00\x00\x00\x00\x01\x00\x00stats\r\n" | nc -q1 -u 127.0.0.1 11211
STAT pid 21357
STAT uptime 41557034
STAT time 1519734962
...

    如果返回非空内容则你的版本会受影响,请检查是否将其暴露在公网

    memcached 2 月 27 日进行了更新,默认禁用掉了 UDP

    https://github.com/memcached/memcached/wiki/ReleaseNotes156

    No Comments Yet
    x00statMemcachedudp
    About   ·   Help   ·   Advertise   ·   Blog   ·   API   ·   FAQ   ·   Solana   ·   1007 Online   Highest 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 29ms · UTC 19:18 · PVG 03:18 · LAX 12:18 · JFK 15:18
    ♥ Do have faith in what you're doing.