Announcement

Collapse
No announcement yet.

The world's largest DDoS attack took GitHub offline for <10 mins; your site might be vulnerable too!

Collapse
This is a sticky topic.
X
X
Collapse
First Prev Next Last
  • Filter
  • Time
  • Show
Clear All
new posts

    The world's largest DDoS attack took GitHub offline for <10 mins; your site might be vulnerable too!

    On Wednesday, February 28, 2018 GitHub.com was unavailable from 17:21 to 17:26 UTC and intermittently unavailable from 17:26 to 17:30 UTC due to a distributed denial-of-service (DDoS) attack. Click link below for complete info.

    Github said the attackers used Memcached to do the DDoS attack.

    Cloudflare has a recent blog post on how Memcached can be used to perform a DDoS attack. If you are using Memcached, you might be vulnerable to DDoS too. Read the blog on how to fix this vulnerability.

    Cloudflare says that if you are using Cloudflare, you are safe:
    You need to be logged in to view the quote. Login or Register now!
    Cloudflare said they received word from hosts such as Digital Ocean, OVH, Linode and Amazon that they have tackled the Memcached issue. If you are using one of those hosts, then you are safe:
    You need to be logged in to view the quote. Login or Register now!
    In a growing sign of the increased sophistication of both cyber attacks and defenses, GitHub has revealed that this week it weathered the largest-known DDoS..

    #2
    By default, Memcached has UDP support enabled. This is the attack vector used in this DDoS attack. If you are using Memcached, you must disable UDP support ASAP!

    Comment


      #3
      My unused server from another web host was DDoS attacked without me knowing it. I just happened to log in to my account after a long time (months or a year) and found out my server was suspended. After inquiring with support, they told me my server was attacked via DDoS. So I had to disable UDP port to prevent this attack via Memcached.

      Comment

      Working...
      X