Memcached DDoS Exploits: Operations, Vulnerabilities, Preventions and Mitigations

Abstract

This paper focuses on Memcached security from DDoS attacks during all stages of attack life cycle. It identifies Memcached architecture flaws on the one hand (which are long been ignored by developers of Memcached) and preventions/mitigation of DDoS attacks through several techniques depending on the type of vulnerability being exploited by the attacker on the other hand. In this paper we have explained the Memcached operations and architecture to identify and show the possible flaws in both of them. We have also taken reference of largest DDoS attacks ever recorded in the history of computer networks and as a follow up to recent attacks on Memcached this paper presents a fresh and strong list of simple commands and configuration security steps that are capable to avoid or mitigate Memcached DDoS attacks.