A vulnerability exists in memcache that allows hackers to utilize the service to create an amplified DDoS attack. As of this writing there is NO PATCH available to fix this problem. The only way to ensure your memcache service cannot be used as part of this attack is to close port 11211 to outside your environment. Clients without managed services are URGED to close this port to the outside world immediately utilizing a firewall. Those with managed services are unaffected by this announcement as this port is closed by our engineers during the initial lockdown at the firewall level.
We highly recommend clients take action to close this vulnerability immediately. Without closing this port, your services may be subject to immediate blackholing if an outgoing DDoS attack is detected and overages if you go over your bandwidth limit which is highly likely. This is a CRITICAL vulnerability which should be addressed immediately.
For additional information see this US-Cert Alert: https://www.us-cert.gov/ncas/alerts/TA14-017A
Friday, March 2, 2018