New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks

Jean | jean at
Wed Feb 28 12:01:34 UTC 2018

I ran a full scan of the internet with zmap to find vulnerable memcached 
servers from an AWS server. AWS received an abuse report and forwarded 
it to me.

I deleted the VM and the case was close...


OVH Is not dumb. Do you know how easy it is to deploy a VM today with 
all the automated frameworks?


On 02/28/2018 06:51 AM, Rich Kulawiec wrote:
> On Wed, Feb 28, 2018 at 12:29:54AM +0000, Filip Hruska wrote:
>> OVH is one of the largest server providers in the world - of course they will be at the top of that list.
> Of course not.  The larger an operation, the greater its responsibility
> to the rest of the Internet -- because the more damage it can and will do
> if it's not professionally operated.  Moreover, the larger the operation
> the easier abuse control is and the less tolerance any of us should have
> for failure.  I don't want to hear any clueless whining from ignorant
> newbies about how-oh-so-terribly-hard-it-is-with-a-billion-users.  If you
> don't know how run it, or you're too lazy, cheap, and stupid to run it,
> you should never have built it: you're simply not good enough.
> ---rsk

More information about the NANOG mailing list