It was reported that last Wednesday, developer platform GitHub was hit with what appears to be the biggest DDoS attack ever recorded - 1.35 terabits per second of traffic.
Sammy Migues, principal scientist at Synopsys, said: “This massive DDoS attack was possible because organisations operating memcached servers failed to implement some very basic security practices. The impact was minimal because GitHub was commendably prepared to survive an attack much larger than this. Unless the unwitting operators of these memcached servers take corrective action, it is inevitable that other ill-equipped targets will fall victim to similar DDoS attacks and suffer a much longer outage."
To prevent this, operators of memcached servers should take the following steps:
* Ensure your memcached server is not exposed to the Internet.
* In every perimeter facing firewall you have, immediately block all access from the Internet to UDP port 11211
* Disable UDP on all memcached servers.
"On a more macro level, ISPs need to block spoofed packets from exiting their networks, and protocol developers need to better understand velocity checking and amplification attacks."