How can I secure an Open MemCached Server?

This report identifies hosts that have the Memcached key-value store (see http://memcached.org/ for more information) running and accessible on the internet. Since this service does not support authentication, any entity that can access the MemCached instance can have complete control over the key-value store.

It's advisable to reconfigure your firewall to only allow memcache connections from trusted sources. memcached usually runs on port 11211/tcp. Once you have configured your firewall you can verify if it's open using the following command: (Below example shows an open memcached service)

$ sudo nmap -sS -p 11211 -sV ip_address_here
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-16 15:13 CEST
Nmap scan report for xxxx.xxx.xxxx

Host is up (0.0072s latency).
PORT      STATE SERVICE   VERSION
11211/tcp open  memcached Memcached 1.4.4

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 11.89 seconds

 

Hebt u meer vragen? Een aanvraag indienen

0 Opmerkingen

Artikel is gesloten voor opmerkingen.