On Wed, Feb 28, 2018 at 5:54 PM Job Snijders <j...@ntt.net> wrote:

> On Tue, Feb 27, 2018 at 09:52:54PM +0000, Chip Marshall wrote:
> > On 2018-02-27, Ca By <cb.li...@gmail.com> sent:
> > > Please do take a look at the cloudflare blog specifically as they
> > > name and shame OVH and Digital Ocean for being the primary sources
> > > of mega crap traffic
> > >
> > > https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/
> > >
> > > Also, policer all UDP all the time... UDP is unsafe at any speed.
> >
> > Hi, DigitalOcean here. We've taken steps to mitigate this attack on
> > our network.
>
> NTT too has deployed rate limiters on all external facing interfaces on
> the GIN backbone - for UDP/11211 traffic - to dampen the negative impact
> of open memcached instances on peers and customers.
>
> The toxic combination of 'one spoofed packet can yield multiple response
> packets' and 'one small packet can yield a very big response' makes the
> memcached UDP protocol a fine example of double trouble with potential
> for severe operational impact.
>
> Kind regards,
>
> Job

Thanks Job. NTT is a very good internet steward, making common sense calls .... not just sling bits by the kilo for $
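
A sketch of the kind of UDP/11211 rate limiter mentioned in the thread, as an added example that is not from any poster and not NTT's or DigitalOcean's configuration: a token-bucket policer that matches only UDP packets with source or destination port 11211 and leaves all other traffic alone. The rate, burst size, class names and sample packets are constructed assumptions.

```python
from dataclasses import dataclass

MEMCACHED_PORT = 11211  # UDP port named in the thread


@dataclass
class Packet:
    ts_ms: int   # arrival time in milliseconds
    proto: str   # "udp" or "tcp"
    sport: int
    dport: int
    size: int    # bytes on the wire


class TokenBucket:
    """Single-rate policer: a packet that does not fit in the bucket is dropped."""

    def __init__(self, rate_bps, burst_bytes):
        self.rate = rate_bps / 8000.0   # refill, in bytes per millisecond
        self.burst = burst_bytes
        self.tokens = float(burst_bytes)
        self.last_ms = 0

    def allow(self, ts_ms, size):
        refill = (ts_ms - self.last_ms) * self.rate
        self.tokens = min(self.burst, self.tokens + refill)
        self.last_ms = ts_ms
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False


def police(packets, rate_bps=80_000, burst_bytes=3_000):
    """Return {class: [passed_bytes, dropped_bytes]}; rate and burst are assumed values."""
    bucket = TokenBucket(rate_bps, burst_bytes)
    stats = {"memcached_udp": [0, 0], "other": [0, 0]}
    for p in sorted(packets, key=lambda p: p.ts_ms):
        hit = p.proto == "udp" and MEMCACHED_PORT in (p.sport, p.dport)
        ok = bucket.allow(p.ts_ms, p.size) if hit else True
        stats["memcached_udp" if hit else "other"][0 if ok else 1] += p.size
    return stats


def sample_traffic():
    """Constructed input: 1 s of large UDP/11211 responses plus unrelated DNS and HTTPS."""
    flood = [Packet(i, "udp", MEMCACHED_PORT, 40000, 1400) for i in range(1000)]
    other = [Packet(500, "udp", 53, 40001, 120), Packet(600, "tcp", 443, 40002, 1400)]
    return flood + other
```

On the constructed sample, `police(sample_traffic())` passes 9 of the 1000 UDP/11211 packets and all of the unrelated traffic.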