NEW: Amplification using memcached

- NTP isn't the only protocol we can use to amplify a … denial of service. There are many other amplification … protocols which can be used. And one which deserves … specific mention is the protocol used in the Memcached … software. … Memcached is a third party tool … used to cache objects in a systems memory. … And then retrieve those objects quickly. … Its used to speed up dynamic web applications … and its management features can be accessed using … TCP or UDP on port 11211 … Let's have a look at an example of a Memcached exchange … using Netcat … I'll use Netcat to make a simple connection to port 11211 … on a Memcached server … (typing) … and I'll issue the stats command … We get a response from the server of about 2000 characters … Which provides a respectable amplification factor of about … 400 … Of course using a TCP connection is quite safe and can't … be used to support a denial of service attack … But if the command were to be sent via UDP … With no session set up and with a spoofed source address …