On Tue, Feb 27, 2018 at 09:52:54PM +0000, Chip Marshall wrote:
On 2018-02-27, Ca By <cb.list6@gmail.com> sent:
Please do take a look at the cloudflare blog specifically as they name and shame OVH and Digital Ocean for being the primary sources of mega crap traffic
https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port...
Also, policer all UDP all the time... UDP is unsafe at any speed.
Hi, DigitalOcean here. We've taken steps to mitigate this attack on our network.
NTT too has deployed rate limiters on all external facing interfaces on the GIN backbone - for UDP/11211 traffic - to dampen the negative impact of open memcached instances on peers and customers. The toxic combination of 'one spoofed packet can yield multiple reponse packets' and 'one small packet can yield a very big response' makes the memcached UDP protocol a fine example of double trouble with potential for severe operational impact. Kind regards, Job