|
|
|
|
|
|
by crescentfresh
3028 days ago
|
|
|
Linked article for the memcached explanation: https://blog.cloudflare.com/memcrashed-major-amplification-a... From what I understand the attack originates from publicly exposed memcached servers configured to support udp and that have no authentication requirements: - put a large object in a key - construct a memcached "get" request for that key - forge the IP address of the udp request to point to that of the target/victim server - memcached sends the large object to the target/victim Multiply times thousands of exposed memcached servers. That about right? |
|
|