New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks

Justin Paine justin at
Tue Feb 27 22:31:54 UTC 2018

Thanks Chip!

Justin Paine
Head of Trust & Safety
Cloudflare Inc.
PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D

On Tue, Feb 27, 2018 at 1:52 PM, Chip Marshall <chip at> wrote:
> On 2018-02-27, Ca By <cb.list6 at> sent:
>> Please do take a look at the cloudflare blog specifically as they name and
>> shame OVH and Digital Ocean for being the primary sources of mega crap
>> traffic
>> Also, policer all UDP all the time... UDP is unsafe at any speed.
> Hi, DigitalOcean here. We've taken steps to mitigate this attack on our network.
> Also, we've only seen udp/11211 being a problem. I'd be interested to
> hear of anyone seeing tcp/11211 attacks.
> --
> Chip Marshall <chip at>

More information about the NANOG mailing list