Announcement

Collapse
No announcement yet.

The world's largest DDoS attack took GitHub offline for <10 mins; your site might be vulnerable too!

Collapse
X
Collapse
First Prev Next Last
  • Filter
  • Time
  • Show
Clear All
new posts

    The world's largest DDoS attack took GitHub offline for <10 mins; your site might be vulnerable too!

    On Wednesday, February 28, 2018 GitHub.com was unavailable from 17:21 to 17:26 UTC and intermittently unavailable from 17:26 to 17:30 UTC due to a distributed denial-of-service (DDoS) attack. Click link below for complete info.

    Github said the attackers used Memcached to do the DDoS attack.

    Cloudflare has a recent blog post on how Memcached can be used to perform a DDoS attack. If you are using Memcached, you might be vulnerable to DDoS too. Read the blog on how to fix this vulnerability.

    Cloudflare says that if you are using Cloudflare, you are safe:
    Originally posted by CloudFlare
    Finally, you are OK if you are a Cloudflare customer. Cloudflare's Anycast architecture works well to distribute the load in case of large amplification attacks, and unless your origin IP is exposed, you are safe behind Cloudflare.
    Cloudflare said they received word from hosts such as Digital Ocean, OVH, Linode and Amazon that they have tackled the Memcached issue. If you are using one of those hosts, then you are safe:
    Originally posted by CloudFlare
    We received a word from Digital Ocean, OVH, Linode and Amazon that they tackled the memcached problem, their networks should not be a vector in future attacks. Hurray!
    In a growing sign of the increased sophistication of both cyber attacks and defenses, GitHub has revealed that this week it weathered the largest-known DDoS..

    #2
    By default, Memcached has UDP support enabled. This is the attack vector used in this DDoS attack. If you are using Memcached, you must disable UDP support ASAP!

    Comment


      #3
      My unused server from another web host was DDoS attacked without me knowing it. I just happened to log in to my account after a long time (months or a year) and found out my server was suspended. After inquiring with support, they told me my server was attacked via DDoS. So I had to disable UDP port to prevent this attack via Memcached.

      Comment

      Working...
      X