[bitfolk] Please make sure your memcached servers are secure…

Author: Andy Smith
Date:  
To: announce
Subject: [bitfolk] Please make sure your memcached servers are secured

gpg: Signature made Tue Feb 27 21:14:04 2018 UTC
gpg: using DSA key 2099B64CBF15490B
gpg: Good signature from "Andy Smith <andy@strugglers.net>" [unknown]
gpg: aka "Andrew James Smith <andy@strugglers.net>" [unknown]
gpg: aka "Andy Smith (UKUUG) <andy.smith@ukuug.org>" [unknown]
gpg: aka "Andy Smith (BitFolk Ltd.) <andy@bitfolk.com>" [unknown]
gpg: aka "Andy Smith (Linux User Groups UK) <andy@lug.org.uk>" [unknown]
gpg: aka "Andy Smith (Cernio Technology Cooperative) <andy.smith@cernio.com>" [unknown]
Hi,

If you are running a memcached server please make sure that it
either doesn't listen on UDP or else that it is properly firewalled.

Publicly available memcached servers can provide a 50,000x traffic
amplification:

    <https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/>


As there is no authentication in the memcached protocol, having it
publicly available is generally a misconfiguration anyway.

We will start scanning for and nagging about this soon.

Cheers,
Andy

--
https://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce@???
https://lists.bitfolk.com/mailman/listinfo/announce
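
A local check for the two conditions the message asks for (UDP switched off, or memcached not listening beyond loopback), added here as an example and not part of the original post. It assumes a Debian-style `/etc/memcached.conf` with one option per line and `ss` from iproute2; the function names and sample lines are made up for this example, and firewall rules are not inspected.

```sh
#!/bin/sh
# Verdict for a Debian-style memcached.conf (one option per line; an assumption).
# Prints UDP_OFF, LOOPBACK_ONLY or EXPOSED.
audit_memcached_conf() {
    udp_port=unset   # no -U line: default depends on version, so assume enabled
    listen=
    while read -r opt val _ || [ -n "$opt" ]; do
        case $opt in
            -U) udp_port=$val ;;
            -l) listen="${listen:+$listen,}$val" ;;   # -l may be repeated
        esac
    done < "$1"
    if [ "$udp_port" = 0 ]; then
        echo UDP_OFF
        return 0
    fi
    : "${listen:=any}"   # no -l line: memcached binds every interface
    verdict=LOOPBACK_ONLY
    old_ifs=$IFS
    IFS=,                # -l accepts a comma-separated address list
    for addr in $listen; do
        case $addr in
            127.*|::1|\[::1\]*|localhost) ;;
            *) verdict=EXPOSED ;;
        esac
    done
    IFS=$old_ifs
    echo "$verdict"
}

# Live check: reads `ss -uln` output on stdin and prints every local address
# bound to UDP port 11211 that is not loopback.
exposed_udp_listeners() {
    awk '{ for (i = 1; i <= NF; i++)
               if ($i ~ /:11211$/ && $i !~ /^(127\.|\[::1\])/) print $i }'
}

# Constructed sample input; on a real host use: ss -uln | exposed_udp_listeners
exposed_udp_listeners <<'EOF'
UNCONN 0 0 127.0.0.1:11211 0.0.0.0:*
UNCONN 0 0 0.0.0.0:11211   0.0.0.0:*
EOF
```

An `EXPOSED` verdict, or any address printed by the live check, means the host relies entirely on its firewall to keep UDP port 11211 unreachable.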