New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Still butt-hurt after all that time? Epic rekt.
You are arguing that people are not perfect. They are not and I am neither, but that is not the point. Not checking for open ports which can be used for DDOS is a preventable mistake and is therefore incompetence.
If you or your company want to add a firewall to cover up the mistakes of your sysadmins, that is fine and even justifiable, but it doesn't make the sysadmins competent.
What the fuck. How is firewall a "cover up"? It's a first line of defense against any kind of attack. What if your server gets infected by malware? Without a firewall, it could listen on any port it wanted and become a botnet controller, without anyone noticing.
I think it should probably be done on the application itself. You can also do it on the firewall but that's probably not necessary if you do it on the application.
I believe he meant that no matter how incompetent someone is, they'll at least have a firewall set up - doing it on both memcached & your firewall is obviously the best and would (should?) be the norm.
It looks like securing it at the application layer is pretty simple in this case.
https://www.digitalocean.com/community/tutorials/how-to-secure-memcached-by-reducing-exposure
Where did I say here you shouldn't use a firewall? I even said it would be justifiable. The point was and still is that a sysadmin should do more than blindly install software and check stuff. How hard is it to use netstat and to use common sense? What if the installation procedure includes punching a hole in the firewall because the package manager though that was a good idea?
deleted
DDOS attack size record has been broken with Memcrashed at 1.7Tbps DDOS Attack https://www.theregister.co.uk/2018/03/05/worlds_biggest_ddos_attack_record_broken_after_just_five_days/
on article he didnt mention who's the target
LeaseWeb just sent out a notice that they are blocking all UDP 11211 traffic. Hopefully others do the same.