Secure Memcached on Directadmin server

All tags

DirectAdmin Knowledge Base and Support

DirectAdmin is a web panel for a simple administration of both virtual and dedicated servers. DirectAdmin is faster, safe and more powerful than any other CP. And we know how to customize and support it.

| 14:20:23 01.03.2018

CloudFlare reported in their blog-post about a big increase in an obscure amplification attack vector - using the memcached protocol, coming from UDP port 11211. Here we will provide details on how to protect your server with Directadmin.

What you have?

By default memcached on a CentOS server is accepting connections from all IPs to port 11211 both TCP and UDP:

# netstat -nlp | grep memcached
tcp        0      0 0.0.0.0:11211               0.0.0.0:*                   LISTEN      11287/memcached
tcp        0      0 :::11211                    :::*                        LISTEN      11287/memcached
udp        0      0 0.0.0.0:11211               0.0.0.0:*                               11287/memcached
udp        0      0 :::11211                    :::*                                    11287/memcached

What to do?

First of all make sure you've a firewall which is filtering incoming and outgoing connections to port 11211.

Then update memcached options in the file /etc/sysconfig/memcached. Originally it looks like:

PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS=""

So we need to update OPTIONS to the following view:

OPTIONS=" -l 127.0.0.1 -U 0"

Now restart memcached and check results:

[root@server ~]#  netstat -nlp | grep memc
tcp        0      0 127.0.0.1:11211             0.0.0.0:*                   LISTEN      11871/memcached
[root@server ~]#

That's it.

Tags: directadmin Security libmemcached memcached

← The latest NGINX version on Directadmin server | Start | Roundcube SMTP Error (-1): Connection to server failed →

About Us

We are a team of professionals, and specialize in installation, configuring and managing of remote virtual and dedicated servers powered by Linux/Unix-like OS with DirectAdmin. We support various sets of software, including web-servers Apache, Nginx; internet domain name servers Bind, PowerDNS; mail-servers with POP3, IMAP and SMTP, FTP-servers, etc. After years of working through the most complex server challenges our team has gathered valuable experience and universal solutions suitable for everyday tasks. We are here to lend you a helping hand and take care of your servers in order to let you have enough time to do more of what you love.

SEE HOW WE CAN HELP!

All of the information and data on this site is for informational purposes only and is provided for the convenience of the user.