This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Last revisionBoth sides next revision | ||
manuals:vps:incidents [2023/08/14 19:13] – [open-portmapper] Aither | manuals:vps:incidents [2024/04/15 06:52] – Sort alphabetically aither | ||
---|---|---|---|
Line 5: | Line 5: | ||
be precautionary when services which are known to be exploitable are available | be precautionary when services which are known to be exploitable are available | ||
from the public Internet. | from the public Internet. | ||
+ | |||
+ | ===== open-memcached ===== | ||
+ | memcached is often used for amplification attacks. The attacker uses your memcached | ||
+ | server to send responses to victims, as the response is much larger than the attacker' | ||
+ | request. If you're using memcached only locally, it is best to have it listen only | ||
+ | on localhost. In case you're using memcached from multiple VPS, secure it using | ||
+ | the firewall to not be available from the public Internet. | ||
===== open-portmapper ===== | ===== open-portmapper ===== | ||
Line 29: | Line 36: | ||
Note that iptables rules configured like this will be lost when the VPS is restarted. | Note that iptables rules configured like this will be lost when the VPS is restarted. | ||
For these rules to be persistent, consult your distribution' | For these rules to be persistent, consult your distribution' | ||
- | |||
- | ===== open-memcached ===== | ||
- | memcached is often used for amplification attacks. The attacker uses your memcached | ||
- | server to send responses to victims, as the response is much larger than the attacker' | ||
- | request. If you're using memcached only locally, it is best to have it listen only | ||
- | on localhost. In case you're using memcached from multiple VPS, secure it using | ||
- | the firewall to not be available from the public Internet. | ||