Updated on September 9, 2020 at 12:22 am
Great article from Cloudflare on Memcached, or Memcrashed as they called it.
Command line check for your server:
echo -en "\x00\x00\x00\x00\x00\x01\x00\x00stats\r\n" | nc -q1 -u 127.0.0.1 11211
Hint: you don’t want to see a response.
And if you are really lazy, type your server IP address into Shodan and see if it’s listed with port 11211 showing.
Many of these vulnerable hosts are at DigitalOcean. For the love of baby Jesus, use their free firewall service and block UDP port 11211 inbound from the internet.
And by the way, GitHub just got hit by a 1.35 Tbps (that’s terabits) DDoS attack using memcached, so make sure your servers are not part of this type of attack.
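The command-line check above, written out as an added Python example (not code from this post or from Cloudflare's article) for testing a server you run. The function names are made up for this sketch; the 8-byte prefix is the memcached UDP frame header, and the default probe is byte-for-byte the string the echo command sends.

```python
import socket
import struct
import sys

MEMCACHED_UDP_PORT = 11211


def build_probe(request_id=0):
    """Build the UDP 'stats' request used by the echo | nc check.

    The memcached UDP frame header is four 16-bit big-endian fields:
    request id, sequence number, total datagrams, reserved (must be 0).
    """
    return struct.pack("!HHHH", request_id, 0, 1, 0) + b"stats\r\n"


def parse_header(datagram):
    """Return (request_id, sequence, total_datagrams), or None if too short."""
    if len(datagram) < 8:
        return None
    request_id, sequence, total, _reserved = struct.unpack("!HHHH", datagram[:8])
    return request_id, sequence, total


def check_udp_memcached(host="127.0.0.1", port=MEMCACHED_UDP_PORT, timeout=1.0):
    """Send one stats probe to a host you administer and report any reply.

    'exposed' is True only if a datagram comes back carrying our request id,
    i.e. memcached answered over UDP. A timeout or an ICMP port-unreachable
    error (both surface as OSError) means nothing answered.
    """
    probe = build_probe(request_id=1)  # id 1 is an arbitrary choice for this sketch
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(probe, (host, port))
            reply, _addr = sock.recvfrom(65535)
        except OSError:
            return {"exposed": False, "sent": len(probe), "received": 0}
    header = parse_header(reply)
    answered = header is not None and header[0] == 1
    return {"exposed": answered, "sent": len(probe), "received": len(reply)}


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    result = check_udp_memcached(target)
    print(target, "ANSWERS on UDP 11211, fix this" if result["exposed"] else "no UDP response")
```

Run it once from the server itself and once from a machine outside your network: the outside run is the one that tells you whether the firewall rule is doing its job.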