New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks

Chip Marshall chip at
Tue Feb 27 21:52:54 UTC 2018

On 2018-02-27, Ca By <cb.list6 at> sent:
> Please do take a look at the cloudflare blog specifically as they name and
> shame OVH and Digital Ocean for being the primary sources of mega crap
> traffic
> Also, policer all UDP all the time... UDP is unsafe at any speed.

Hi, DigitalOcean here. We've taken steps to mitigate this attack on our network.

Also, we've only seen udp/11211 being a problem. I'd be interested to
hear of anyone seeing tcp/11211 attacks.

Chip Marshall <chip at>

More information about the NANOG mailing list