How can I secure an Open MemCached Server?

This report identifies hosts that have the Memcached key-value store (see for more information) running and accessible on the internet. Since this service does not support authentication, any entity that can access the MemCached instance can have complete control over the key-value store and can be abused for DDoS attacks.

It's advisable to reconfigure your firewall to only allow memcache connections from trusted sources. memcached usually runs on port 11211/tcp. Once you have configured your firewall you can verify if it's open using the following command: (Below example shows an open memcached service)

$ sudo nmap -sS -p 11211 -sV ip_address_here
Starting Nmap 6.49BETA4 ( ) at 2015-09-16 15:13 CEST
Nmap scan report for

Host is up (0.0072s latency).
11211/tcp open  memcached Memcached 1.4.4

Service detection performed. Please report any incorrect results at .
Nmap done: 1 IP address (1 host up) scanned in 11.89 seconds


Have more questions? Submit a request


Article is closed for comments.