[packages/memcached] disable udp in default config to avoid memcrashed aplification attacks

glen Fri, 28 Dec 2018 01:41:53 -0800

commit 528eaeb2196d4f7bff22b6a0b90447ed75cfcbcb
Author: Elan Ruusamäe <[email protected]>
Date:   Fri Dec 28 11:18:42 2018 +0200


    disable udp in default config to avoid memcrashed aplification attacks
    
    
https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/

 memcached.sysconfig | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
---
diff --git a/memcached.sysconfig b/memcached.sysconfig
index 4157db1..089e9bf 100644
--- a/memcached.sysconfig
+++ b/memcached.sysconfig
@@ -19,7 +19,10 @@ SERVICE_RUN_NICE_LEVEL="+0"
 LISTEN="127.0.0.1:11211"
 
 # other options not defined earlier
-#MEMCACHED_OPTS=""
+
+# -U 0 to disable UDP listen:
+#      
https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/
+MEMCACHED_OPTS="-U 0"
 
 # Set ulimit at least as high as MAXCONN
 #SERVICE_LIMITS="-n $MAXCONN"
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/memcached.git/commitdiff/528eaeb2196d4f7bff22b6a0b90447ed75cfcbcb

_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit

[packages/memcached] disable udp in default config to avoid memcrashed aplification attacks

Reply via email to