[kevinconaway]

> From what I gather, the attack here was possible because Github engineers accidentally left the memcached port open.

That is incorrect.

The attackers made requests that were forged to have the sender IP address of Github to multiple public memcached instances. Memcached then responds back to Github instead of the attacker.

This is documented in more detail in the Cloudflare vulnerability report[0]

https://blog.cloudflare.com/memcrashed-major-amplification-a...

[flafla2]

Ah ok. This makes much more sense -- leaving a port open seems like an amateur mistake for a firm like Github. Thanks for the link.

[shuntress]

If Github had no open ports they wouldn't have much of a website.

[dc_gregory]

I think it was more likely meant re. the original (incorrect) interpretation that github had left public access to memcache instances.