nanog mailing list archives
Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks
From: Steve Atkins <steve () blighty com>
Date: Tue, 27 Feb 2018 16:38:18 -0800
On Feb 27, 2018, at 4:29 PM, Filip Hruska <fhr () fhrnet eu> wrote: This is just stupid. OVH is one of the largest server providers in the world - of course they will be at the top of that list. What exactly should they do, according to you?
Read their abuse@ alias. Shut down those customers who are being abusive. Currently they do neither. Every so often they'll privately admit that they've been doing an unconscionably bad job of mitigating abuse from their networks and promise to do better, then don't. Given some of their customers have been consistently abusive for years from the same domain and the same IP address the problem isn't "Oh, the bad people keep signing up with new credit cards! Oh, poor us!" or any other reasoning based on being a large, inexpensive provider.
Why should people de-peer them?
If the overall cost of the bad traffic exceeds the benefit of the good traffic. I'm sure it doesn't, but that people are even suggesting it is telling. Cheers, Steve
Current thread:
- Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks, (continued)
- Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Justin Paine via NANOG (Feb 27)
- Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Job Snijders (Feb 28)
- Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Ca By (Feb 28)
- Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Dan Hollis (Feb 27)
- Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Rich Kulawiec (Feb 28)
- Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Job Snijders (Feb 28)
- Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Denys Fedoryshchenko (Feb 28)
- Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Grzegorz Janoszka (Feb 28)
- Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Mike Hammett (Feb 28)
- Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Steve Atkins (Feb 27)
- Re: Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Ca By (Feb 27)
- Re: Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Dan Hollis (Feb 27)
- Re: Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Rich Kulawiec (Feb 28)
- Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks Jean | ddostest.me via NANOG (Feb 28)