logo

Computer Security: Memcrashed Exploit and Solutions

Write a report on the memcrashed vulnerability, including its description, exploit, solutions, and predictions of its impact.

14 Pages3281 Words184 Views
   

Added on  2023-04-25

About This Document

This report discusses the vulnerability of memcached and the memcrashed exploit that occurred in GitHub in 2018. It also provides solutions to prevent such attacks.

Computer Security: Memcrashed Exploit and Solutions

Write a report on the memcrashed vulnerability, including its description, exploit, solutions, and predictions of its impact.

   Added on 2023-04-25

ShareRelated Documents
Running head: COMPUTER SECURITY
COMPUTER SECURITY
Name of Student
Name of University
Author’s Note
Computer Security: Memcrashed Exploit and Solutions_1
1COMPUTER SECURITY
Table of Contents
Introduction..........................................................................................................................2
Discussion............................................................................................................................2
How the vulnerability works...........................................................................................2
Description of memcrashed exploit.................................................................................4
Solution to the exploit......................................................................................................6
Conclusion...........................................................................................................................9
References..........................................................................................................................10
Computer Security: Memcrashed Exploit and Solutions_2
2COMPUTER SECURITY
Introduction
Memcrashed can be defined as the process where memcached is installed and security is
initiated against the vulnerability of memcached. Memcached is a specific memory object system
for caching that is used in order to speed up various applications of dynamic web. It is an open
source and it has been designed for working with huge number of open connections
(TechCrunch. 2019). Vulnerability in memcached had been discovered in the month of February
of 2018 which allows the attackers to launch as well as execute powerful DDoS amplification
attacks. This vulnerability was a new one in the concept of execution of DDoS attack. This
assignment describes regarding various vulnerabilities caused by memcached along with various
examples, it further describes the memcrashed exploit that took place within GitHub in the year
2018. The report also provides various solutions to the memcrashed exploit. These points are
described in details in the discussion part of the report.
Discussion
How the vulnerability works
In case the memcached server is not configured in a proper manner it might cause
numerous vulnerabilities to occur within it. These attacks can prove to seriously devastating as
well as dangerous (Hyder and Lung 2018). The misconfigured servers might also be vulnerable
to reflection along with amplification denial if service attacks through the internet. The limit up
to which data can be stored usually depends on the configuration and necessities of users but
generally it is set to 1MB. Memcached server that is exposed in nature are vulnerable to spoofed
UDP packet that is sent to the port 11211 that would request the 1MB value multiple times, this
Computer Security: Memcrashed Exploit and Solutions_3
3COMPUTER SECURITY
results in a massive traffic as well as a huge amplification factor, hence the amplification attack
occurs.
Reflection attack is one more attack that is a part of memcached vulnerability. In this type
of attack the attacker does not forward the get request to the present client, he directly forwards it
to a specific host of the machines (Kharchenko, Kolisnyk and Piskachova 2018). As a response
to this request, the machines reflects the request to actual clients, this as a result dumps the
networks with the help of flooding these requests.
The memcached attack takes place using a specific procedure, when a server gets a
memcached get request; the requested values are collected by the server from the memory in
order to form a response. This is then sent in the internet with the help of an uninterrupted stream
of various UDP packets. Every packet is usually the length of around 1.400 bytes. After this the
attacker is allowed to insert various records in the open memcached server (Sanz 2018). The
memcached is generally allowed to utilize a limit of 1MB for every stored value, but in this case
a specific attacker can insert large values because any user is allowed to configure the memory
on the basis of their changes. The attacker is allowed to demand duplicate or multiple keys with
just one request. This attacker is allowed to utilize large values in the data store and then utilize
them for the attacks. Due to this even with a single megabyte that is stored, the attacker can use a
specific spoofed UDP packet request for requesting the 1MB of data (Xu, Liu and Ren 2015).
This data is sent for hundreds of times for every request over the memcached’s default. As per
Akamai, this results in a huge implication factor in which 203 byte request have chances to result
to the response of 100 MB of the reflected traffic.
Computer Security: Memcrashed Exploit and Solutions_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Principles of Key/Value Databases and Memcrashed Exploit
|14
|3197
|498

Memcrashed Exploit: Description, Solutions, and Future Importance
|11
|2518
|404

Computer Security Engineering
|15
|3256
|143

Memcached DDoS Attack - Computer Security
|4
|505
|492

Computer Security: Memcrashed Exploit and Prevention
|16
|2952
|346

Memcrashed Vulnerability from 2018
|13
|2063
|440