<link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3448621598664628523&zx=fbdef328-b03d-499b-a7bd-8e695f26ea35' media='none' onload='if(media!='all')media='all'' rel='stylesheet'/><noscript><link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3448621598664628523&zx=fbdef328-b03d-499b-a7bd-8e695f26ea35' rel='stylesheet'/></noscript>
<meta name='google-adsense-platform-account' content='ca-host-pub-1556223355139109'/>
<meta name='google-adsense-platform-domain' content='blogspot.com'/>

<script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1618281995222563&host=ca-host-pub-1556223355139109" crossorigin="anonymous"></script>

<!-- data-ad-client=ca-pub-1618281995222563 -->

<link rel="stylesheet" href="https://fonts.googleapis.com/css2?display=swap&family=Playfair+Display&family=Indie+Flower&family=Open+Sans&family=Poppins"></head><body>

This "Kill Switch" will Mitigate the Memcached DDoS Attack

Memcached DDoS Attack: Kill Switch. Protection against Memcached DDoS

Admin

March 08, 2018

Last week we have seen the biggest 1Tbps -plus DDoS Attack on GitHub and other networks, which is mainly caused by memcache on the server. The potency of the attacks is due to memcached servers amplifying a target's spoofed IP address requests by a factor of 50,000.

Now here is some goods news for the server admins. DDoS protection firm Corero have mentioned that they have found a kill switch which will mitigate this Memcache DDoS issue 100 percent. Corero, says that they have tested its kill switch on the real attacking server and they have got 100 percent success results.

This Memcache issue is been now assigned with the CVE-2018-1000115, which identifies memcached version 1.5.5 as having an "Insufficient control of Network Message Volume vulnerability in the UDP support of the memcached server that can result in denial of service via network flood".

After the attack on the GitHub, an unknown users have also posted the exploit for the Memcache DDoS on internet, which makes other attackers works more easy. Moreover, before the attack- Rapid7's Project Sonar internet scanner detected nearly 140,000 open memcached devices. However, as of March 1, this has dropped to 58,000. Exposed memcached servers with UDP enabled have also fallen from 18,000 on March 1 to under 12,000 on March 5.

Still there are thousands of the servers which are still vulnerable to Memcache DDoS Attack. Another nasty thing you got to know that, some of the hundereds of the servers still using the older version of the memcache, which is also exploit to Remote Code Execution flaws that could allowed them to be used as part of botnet.

Read Also

Share:

You may like these posts Show all

1 comment

Anonymous

3/13/2018 08:52:00 AM

Yes you right the Collagedunia is best education portal
also check

Top B.com (Hons) Colleges

<script type="text/javascript" src="https://www.blogger.com/static/v1/widgets/517362887-widgets.js"></script>
<script type='text/javascript'>
window['__wavt'] = 'AOuZoY6O1R-j0VKzPzu1yuszg_ShYo9amQ:1713585608056';_WidgetManager._Init('//www.blogger.com/rearrange?blogID\x3d3448621598664628523','//www.cyberkendra.com/2018/03/this-kill-switch-will-mitgate-memcached.html','3448621598664628523');
_WidgetManager._SetDataContext([{'name': 'blog', 'data': {'blogId': '3448621598664628523', 'title': 'Cyber Kendra', 'url': 'https://www.cyberkendra.com/2018/03/this-kill-switch-will-mitgate-memcached.html', 'canonicalUrl': 'https://www.cyberkendra.com/2018/03/this-kill-switch-will-mitgate-memcached.html', 'homepageUrl': 'https://www.cyberkendra.com/', 'searchUrl': 'https://www.cyberkendra.com/search', 'canonicalHomepageUrl': 'https://www.cyberkendra.com/', 'blogspotFaviconUrl': 'https://www.cyberkendra.com/favicon.ico', 'bloggerUrl': 'https://www.blogger.com', 'hasCustomDomain': true, 'httpsEnabled': true, 'enabledCommentProfileImages': true, 'gPlusViewType': 'FILTERED_POSTMOD', 'adultContent': false, 'analyticsAccountNumber': 'G-YN9DJXCC22', 'analytics4': true, 'encoding': 'UTF-8', 'locale': 'en', 'localeUnderscoreDelimited': 'en', 'languageDirection': 'ltr', 'isPrivate': false, 'isMobile': false, 'isMobileRequest': false, 'mobileClass': '', 'isPrivateBlog': false, 'isDynamicViewsAvailable': true, 'feedLinks': '\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cyber Kendra - Atom\x22 href\x3d\x22https://www.cyberkendra.com/feeds/posts/default\x22 /\x3e\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/rss+xml\x22 title\x3d\x22Cyber Kendra - RSS\x22 href\x3d\x22https://www.cyberkendra.com/feeds/posts/default?alt\x3drss\x22 /\x3e\n\x3clink rel\x3d\x22service.post\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cyber Kendra - Atom\x22 href\x3d\x22https://www.blogger.com/feeds/3448621598664628523/posts/default\x22 /\x3e\n\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cyber Kendra - Atom\x22 href\x3d\x22https://www.cyberkendra.com/feeds/464430474491572459/comments/default\x22 /\x3e\n', 'meTag': '', 'adsenseClientId': 'ca-pub-1618281995222563', 'adsenseHostId': 'ca-host-pub-1556223355139109', 'adsenseHasAds': true, 'adsenseAutoAds': true, 'boqCommentIframeForm': true, 'loginRedirectParam': '', 'view': '', 'dynamicViewsCommentsSrc': '//www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js', 'dynamicViewsScriptSrc': '//www.blogblog.com/dynamicviews/d86c8c5eadffdf93', 'plusOneApiSrc': 'https://apis.google.com/js/platform.js', 'disableGComments': true, 'interstitialAccepted': false, 'sharing': {'platforms': [{'name': 'Get link', 'key': 'link', 'shareMessage': 'Get link', 'target': ''}, {'name': 'Facebook', 'key': 'facebook', 'shareMessage': 'Share to Facebook', 'target': 'facebook'}, {'name': 'BlogThis!', 'key': 'blogThis', 'shareMessage': 'BlogThis!', 'target': 'blog'}, {'name': 'Twitter', 'key': 'twitter', 'shareMessage': 'Share to Twitter', 'target': 'twitter'}, {'name': 'Pinterest', 'key': 'pinterest', 'shareMessage': 'Share to Pinterest', 'target': 'pinterest'}, {'name': 'Email', 'key': 'email', 'shareMessage': 'Email', 'target': 'email'}], 'disableGooglePlus': true, 'googlePlusShareButtonWidth': 0, 'googlePlusBootstrap': '\x3cscript type\x3d\x22text/javascript\x22\x3ewindow.___gcfg \x3d {\x27lang\x27: \x27en\x27};\x3c/script\x3e'}, 'hasCustomJumpLinkMessage': false, 'jumpLinkMessage': 'Read more', 'pageType': 'item', 'postId': '464430474491572459', 'postImageThumbnailUrl': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmu-T4kyywH2iQPtg-O0K_CwWbS77rLVCvcZeiqOSaQ1uy7B15EhyXV9tpS6nru7xGeV7BCyguaUpcP4VD38c3nan1fh4eidNBqlZJZ-AB0sVEQuIeJ1s7PFEWK7uO8zeIgQJQ0gRxEV8/s72-c/emergency-kill-switch.jpg', 'postImageUrl': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmu-T4kyywH2iQPtg-O0K_CwWbS77rLVCvcZeiqOSaQ1uy7B15EhyXV9tpS6nru7xGeV7BCyguaUpcP4VD38c3nan1fh4eidNBqlZJZ-AB0sVEQuIeJ1s7PFEWK7uO8zeIgQJQ0gRxEV8/s1600/emergency-kill-switch.jpg', 'pageName': 'This \x22Kill Switch\x22 will Mitigate the Memcached DDoS Attack', 'pageTitle': 'Cyber Kendra: This \x22Kill Switch\x22 will Mitigate the Memcached DDoS Attack', 'metaDescription': 'Memcached DDoS Attack: Kill Switch. Protection against Memcached DDoS'}}, {'name': 'features', 'data': {}}, {'name': 'messages', 'data': {'edit': 'Edit', 'linkCopiedToClipboard': 'Link copied to clipboard!', 'ok': 'Ok', 'postLink': 'Post Link'}}, {'name': 'template', 'data': {'name': 'custom', 'localizedName': 'Custom', 'isResponsive': true, 'isAlternateRendering': false, 'isCustom': true}}, {'name': 'view', 'data': {'classic': {'name': 'classic', 'url': '?view\x3dclassic'}, 'flipcard': {'name': 'flipcard', 'url': '?view\x3dflipcard'}, 'magazine': {'name': 'magazine', 'url': '?view\x3dmagazine'}, 'mosaic': {'name': 'mosaic', 'url': '?view\x3dmosaic'}, 'sidebar': {'name': 'sidebar', 'url': '?view\x3dsidebar'}, 'snapshot': {'name': 'snapshot', 'url': '?view\x3dsnapshot'}, 'timeslide': {'name': 'timeslide', 'url': '?view\x3dtimeslide'}, 'isMobile': false, 'title': 'This \x22Kill Switch\x22 will Mitigate the Memcached DDoS Attack', 'description': 'Memcached DDoS Attack: Kill Switch. Protection against Memcached DDoS', 'featuredImage': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmu-T4kyywH2iQPtg-O0K_CwWbS77rLVCvcZeiqOSaQ1uy7B15EhyXV9tpS6nru7xGeV7BCyguaUpcP4VD38c3nan1fh4eidNBqlZJZ-AB0sVEQuIeJ1s7PFEWK7uO8zeIgQJQ0gRxEV8/s1600/emergency-kill-switch.jpg', 'url': 'https://www.cyberkendra.com/2018/03/this-kill-switch-will-mitgate-memcached.html', 'type': 'item', 'isSingleItem': true, 'isMultipleItems': false, 'isError': false, 'isPage': false, 'isPost': true, 'isHomepage': false, 'isArchive': false, 'isLabelSearch': false, 'postId': 464430474491572459}}, {'name': 'widgets', 'data': [{'title': 'Template Code (Do not disable)', 'type': 'HTML', 'sectionId': 'settings', 'id': 'HTML6'}, {'title': 'Cyber Kendra (Header)', 'type': 'Header', 'sectionId': 'header', 'id': 'Header1'}, {'title': 'Social Media Link', 'type': 'LinkList', 'sectionId': 'section', 'id': 'LinkList1'}, {'title': '', 'type': 'HTML', 'sectionId': 'header_bottom_widget', 'id': 'HTML3'}, {'title': 'Blog Posts', 'type': 'Blog', 'sectionId': 'main', 'id': 'Blog1', 'posts': [{'id': '464430474491572459', 'title': 'This \x22Kill Switch\x22 will Mitigate the Memcached DDoS Attack', 'featuredImage': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmu-T4kyywH2iQPtg-O0K_CwWbS77rLVCvcZeiqOSaQ1uy7B15EhyXV9tpS6nru7xGeV7BCyguaUpcP4VD38c3nan1fh4eidNBqlZJZ-AB0sVEQuIeJ1s7PFEWK7uO8zeIgQJQ0gRxEV8/s1600/emergency-kill-switch.jpg', 'showInlineAds': false}], 'footerBylines': [{'regionName': 'footer1', 'items': [{'name': 'author', 'label': 'by'}, {'name': 'timestamp', 'label': 'On'}, {'name': 'comments', 'label': 'Post a Comment'}, {'name': 'share', 'label': ''}]}, {'regionName': 'footer2', 'items': [{'name': 'labels', 'label': ''}]}], 'allBylineItems': [{'name': 'author', 'label': 'by'}, {'name': 'timestamp', 'label': 'On'}, {'name': 'comments', 'label': 'Post a Comment'}, {'name': 'share', 'label': ''}, {'name': 'labels', 'label': ''}]}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'top_ads', 'id': 'HTML90'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'middle_ads_2', 'id': 'HTML93'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'matched_content_ads', 'id': 'HTML7'}, {'title': 'Trending!', 'type': 'PopularPosts', 'sectionId': 'sidebar', 'id': 'PopularPosts1', 'posts': [{'title': ' Pirate Bay Proxy List 2024: Unblock The Pirate bay33 [April Updated]', 'id': 7709902560608743927}, {'title': 'ExtraTorrents Proxy List 2024 To Unblock Extratorrent', 'id': 7687163451941064055}, {'title': '1337x Proxy List 2024: Your Guide to Safe and Legal Torrenting', 'id': 1078991593587710032}, {'title': 'Download ExaGear APK + obb - Windows Emulator for Android', 'id': 3731719425182612328}, {'title': 'Convert SQL Server to MySQL - Important Things to Consider', 'id': 1772728232949461230}, {'title': 'The Dos And Don\u2019ts Of Building Effective External Links', 'id': 2066265753436086049}]}, {'title': 'Table of Contents', 'type': 'HTML', 'sectionId': 'toc_auto', 'id': 'HTML8'}, {'title': 'Follow Us', 'type': 'LinkList', 'sectionId': 'footer_widgets', 'id': 'LinkList10'}]}]);
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML6', 'settings', document.getElementById('HTML6'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HeaderView', new _WidgetInfo('Header1', 'header', document.getElementById('Header1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList1', 'section', document.getElementById('LinkList1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML3', 'header_bottom_widget', document.getElementById('HTML3'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_BlogView', new _WidgetInfo('Blog1', 'main', document.getElementById('Blog1'), {'cmtInteractionsEnabled': false}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML90', 'top_ads', document.getElementById('HTML90'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML93', 'middle_ads_2', document.getElementById('HTML93'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML7', 'matched_content_ads', document.getElementById('HTML7'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_PopularPostsView', new _WidgetInfo('PopularPosts1', 'sidebar', document.getElementById('PopularPosts1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML8', 'toc_auto', document.getElementById('HTML8'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList10', 'footer_widgets', document.getElementById('LinkList10'), {}, 'displayModeFull'));
</script>
</body>