Computer Security: Mitigating Memcached DDoS Attacks
VerifiedAdded on 2025/04/23
|17
|2543
|246
AI Summary
Desklib provides past papers and solved assignments for students. This report explores Memcached vulnerabilities and mitigation strategies.
Computer Security
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Table of Contents
Computer Security...........................................................................................................................1
List of Figures..................................................................................................................................2
Introduction......................................................................................................................................4
Database...........................................................................................................................................5
Key/value databases.....................................................................................................................5
Memcrashed.................................................................................................................................5
Key/Value Databases.......................................................................................................................6
Use cases for this database..........................................................................................................6
Popular Key Value Database.......................................................................................................7
Memchrashed...................................................................................................................................9
Requirements of Memcached DDoS Exploit Tool......................................................................9
Solution for memchrashed exploit.............................................................................................10
How to secure Memcached on Ubuntu & Debian Servers........................................................11
Securing Memcached on Cent OS and Fedora Servers.............................................................12
Future Importance & Effectiveness of Memcrashed.....................................................................14
Conclusion.....................................................................................................................................15
References......................................................................................................................................16
List of Figures
Figure 1: Process Data in Dynamo DB............................................................................................6
Figure 2: Python Latest Installation.................................................................................................9
Figure 3: Shodan Installation.........................................................................................................10
Figure 4: Shodan API for Memcrashed.........................................................................................10
Figure 5: Corero's Solution............................................................................................................11
Computer Security...........................................................................................................................1
List of Figures..................................................................................................................................2
Introduction......................................................................................................................................4
Database...........................................................................................................................................5
Key/value databases.....................................................................................................................5
Memcrashed.................................................................................................................................5
Key/Value Databases.......................................................................................................................6
Use cases for this database..........................................................................................................6
Popular Key Value Database.......................................................................................................7
Memchrashed...................................................................................................................................9
Requirements of Memcached DDoS Exploit Tool......................................................................9
Solution for memchrashed exploit.............................................................................................10
How to secure Memcached on Ubuntu & Debian Servers........................................................11
Securing Memcached on Cent OS and Fedora Servers.............................................................12
Future Importance & Effectiveness of Memcrashed.....................................................................14
Conclusion.....................................................................................................................................15
References......................................................................................................................................16
List of Figures
Figure 1: Process Data in Dynamo DB............................................................................................6
Figure 2: Python Latest Installation.................................................................................................9
Figure 3: Shodan Installation.........................................................................................................10
Figure 4: Shodan API for Memcrashed.........................................................................................10
Figure 5: Corero's Solution............................................................................................................11
Figure 6: For Ubuntu & Fedora Configuration..............................................................................12
Figure 7: Outcome after implementation.......................................................................................13
Figure 7: Outcome after implementation.......................................................................................13
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Introduction
In this computer security assignment, it is having the key value pair database in which it is
containing all the procedure as use case for this database and most famous database which are
Amazon Dynamo DB & Apache Cassandra. Database is defined as the collective information of
data which is specially designed for felicitating the special purpose use of data. Key value
database is defined as type of non - relational database which is used for storing the data or
information with the help of key value methods. Memcrashed is a type of exploring tool for
DDoS attack which is completely written in python which gives the permission for sending the
UDP packets in a sequencing of server which are memcached. DDoS which is full formed as
Distributed Denial of Services is having the largest record with the counting value of 1.35 Tbps.
It is important because of increment for prevalence of cloud services which are uncontrolled and
mainly focused on IT services. Cloud gives the flexibility for exploiting the attacks which are not
acceptable or doubted at very high speed.
In this computer security assignment, it is having the key value pair database in which it is
containing all the procedure as use case for this database and most famous database which are
Amazon Dynamo DB & Apache Cassandra. Database is defined as the collective information of
data which is specially designed for felicitating the special purpose use of data. Key value
database is defined as type of non - relational database which is used for storing the data or
information with the help of key value methods. Memcrashed is a type of exploring tool for
DDoS attack which is completely written in python which gives the permission for sending the
UDP packets in a sequencing of server which are memcached. DDoS which is full formed as
Distributed Denial of Services is having the largest record with the counting value of 1.35 Tbps.
It is important because of increment for prevalence of cloud services which are uncontrolled and
mainly focused on IT services. Cloud gives the flexibility for exploiting the attacks which are not
acceptable or doubted at very high speed.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Database
Database is defined as the collective information of data which is specially designed for
felicitating the special purpose use of data. It is used to perform various task that are deletion,
creation, updating and readability of information (The Editors of Encyclopedia Britannica,
2018a).
Here, in this assignment we have discussed mainly two major types of database & security which
are as follows:
1. Key/value databases
2. Memcrashed
Key/value databases
Key value database is defined as type of non - relational database which is used for storing the
data or information with the help of key value methods. In this key value database method, key
are working as server for uniquely identification of information respectively. Both the keys and
values are used for creating the simple objects for making complexity with the process of
compounding the objects. It is also using the concept of partition ability and storage space is
required more for securing the capacity.
Memcrashed
Memcrashed is a type of exploring tool for DDoS attack which is completely written in python
which gives the permission for sending the UDP packets in a sequencing of server which are
memcached. It is completely referencable to memcached attack which are still happened with the
plague 2018 of more than 100000 vulnerable server. These all information are received from
calls from database queries and rendering the web page from one page to another page & finally
at last, API calls (Application programming interface). It is completely free which is defined as
open source with high performance. Its memory caching system for object aspects and very
generous in the nature, however it is used for developing the web application with the
management of loading the database
Database is defined as the collective information of data which is specially designed for
felicitating the special purpose use of data. It is used to perform various task that are deletion,
creation, updating and readability of information (The Editors of Encyclopedia Britannica,
2018a).
Here, in this assignment we have discussed mainly two major types of database & security which
are as follows:
1. Key/value databases
2. Memcrashed
Key/value databases
Key value database is defined as type of non - relational database which is used for storing the
data or information with the help of key value methods. In this key value database method, key
are working as server for uniquely identification of information respectively. Both the keys and
values are used for creating the simple objects for making complexity with the process of
compounding the objects. It is also using the concept of partition ability and storage space is
required more for securing the capacity.
Memcrashed
Memcrashed is a type of exploring tool for DDoS attack which is completely written in python
which gives the permission for sending the UDP packets in a sequencing of server which are
memcached. It is completely referencable to memcached attack which are still happened with the
plague 2018 of more than 100000 vulnerable server. These all information are received from
calls from database queries and rendering the web page from one page to another page & finally
at last, API calls (Application programming interface). It is completely free which is defined as
open source with high performance. Its memory caching system for object aspects and very
generous in the nature, however it is used for developing the web application with the
management of loading the database
Key/Value Databases
Key value database is defined as type of non - relational database which is used for storing the
data or information with the help of key value methods. In this key value database method, key
are working as server for uniquely identification of information respectively. Both the keys and
values are used for creating the simple objects for making complexity with the process of
compounding the objects. It is also using the concept of partition ability and storage space is
required more for securing the capacity.
Here, below is the diagram which is explaining the process of key value pair in Dynamo DB
database:
Figure 1: Process Data in Dynamo DB
Use cases for this database
Session Store
The web application or software which are oriented towards the session. In this, session are
logged in then user can access the information of website until and unless user can log out from
the website. In this period, application are allowed for storing the information into the database.
The data which is saved during the session login then it is called session data. Session data is
Key value database is defined as type of non - relational database which is used for storing the
data or information with the help of key value methods. In this key value database method, key
are working as server for uniquely identification of information respectively. Both the keys and
values are used for creating the simple objects for making complexity with the process of
compounding the objects. It is also using the concept of partition ability and storage space is
required more for securing the capacity.
Here, below is the diagram which is explaining the process of key value pair in Dynamo DB
database:
Figure 1: Process Data in Dynamo DB
Use cases for this database
Session Store
The web application or software which are oriented towards the session. In this, session are
logged in then user can access the information of website until and unless user can log out from
the website. In this period, application are allowed for storing the information into the database.
The data which is saved during the session login then it is called session data. Session data is
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
containing the information related to your personal profile, messages and other important things
according to the website respectively and discounts also. Session is allocated uniquely according
to uniquely identity number.
Shopping Cart
On the different occasion, e commerce website are achieving the order in terms of billions of in
one second which is at very large level. However, using the key value pair database we can
easily manage & handle the database which are at very large level. It is also used for handling
the data and able to providing different services to all users at single instance of time.
Popular Key Value Database
Here, below I have mentioned major two popular key value database which are working as key
value pair and these are as follows:
Amazon Dynamo DB
Apache Cassandra
Amazon Dynamo DB
Amazon Dynamo DB is categorized in non – relational database which are able to deliver the
performance of database at very large level. It is multi - platform in terms of multi region and
multi purposes. It is providing automatically back up feature ability of database such that we
need not worry about the losing of data. We are able to access according to whenever we want.
In this, process an item or product is forced into a primary of composite key with the large
number of user accessibility. There is no such particular limitation for accessing the information
of data from database.
Apache Cassandra
It is widely used for non - relational database which are mostly used all over the world. AWS
(Amazon Web Services) who are having premised on Cassandra for taking the advantages and
potential in terms of reliability, scalability, economically making strong and security aspects. For
these all accessibility, the specified version should be Amazon EC2.
according to the website respectively and discounts also. Session is allocated uniquely according
to uniquely identity number.
Shopping Cart
On the different occasion, e commerce website are achieving the order in terms of billions of in
one second which is at very large level. However, using the key value pair database we can
easily manage & handle the database which are at very large level. It is also used for handling
the data and able to providing different services to all users at single instance of time.
Popular Key Value Database
Here, below I have mentioned major two popular key value database which are working as key
value pair and these are as follows:
Amazon Dynamo DB
Apache Cassandra
Amazon Dynamo DB
Amazon Dynamo DB is categorized in non – relational database which are able to deliver the
performance of database at very large level. It is multi - platform in terms of multi region and
multi purposes. It is providing automatically back up feature ability of database such that we
need not worry about the losing of data. We are able to access according to whenever we want.
In this, process an item or product is forced into a primary of composite key with the large
number of user accessibility. There is no such particular limitation for accessing the information
of data from database.
Apache Cassandra
It is widely used for non - relational database which are mostly used all over the world. AWS
(Amazon Web Services) who are having premised on Cassandra for taking the advantages and
potential in terms of reliability, scalability, economically making strong and security aspects. For
these all accessibility, the specified version should be Amazon EC2.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
EC 2 and Amazon Elastic Block Store are providing security for providing storage into AWS
(Amazon Web Services). Data Stax Enterprise is also having platform which are completely
focused and managed the services as same as in Apache Cassandra. DSE Data Stax Enterprise is
developed and deployed for designing handling database at large level (AWS, 2019).
(Amazon Web Services). Data Stax Enterprise is also having platform which are completely
focused and managed the services as same as in Apache Cassandra. DSE Data Stax Enterprise is
developed and deployed for designing handling database at large level (AWS, 2019).
Memchrashed
It is the defined as the key value pair for storing and managing the small amount of data into
arbitrary data that are strings and objects. These all information are received from calls from
database queries and rendering the web page from one page to another page & finally at last, API
calls (Application programming interface). It is completely free which is defined as open source
with high performance. Its memory caching system for object aspects and very generous in the
nature, however it is used for developing the web application with the management of loading
the database (Darknet, 2018).
Memcrashed is a type of exploring tool for DDoS attack which is completely written in python
which gives the permission for sending the UDP packets in a sequencing of server which are
memcached. It is completely referencable to memcached attack which are still happened with the
plague 2018 of more than 100000 vulnerable server.
Requirements of Memcached DDoS Exploit Tool
Here, below are some requirement for the installing this into database as an software into your
OS:
The very first most thing is that you should have the Python 3.x version.
Command for installing python version 3 is as follows: apt-get install python3.
Figure 2: Python Latest Installation
You are also probated for installed the Scapy and Shodan modules.
Command for installing these above are: pip3 install scapy - python3
Command for installing these above are: pip3 install shodan - python3.
It is the defined as the key value pair for storing and managing the small amount of data into
arbitrary data that are strings and objects. These all information are received from calls from
database queries and rendering the web page from one page to another page & finally at last, API
calls (Application programming interface). It is completely free which is defined as open source
with high performance. Its memory caching system for object aspects and very generous in the
nature, however it is used for developing the web application with the management of loading
the database (Darknet, 2018).
Memcrashed is a type of exploring tool for DDoS attack which is completely written in python
which gives the permission for sending the UDP packets in a sequencing of server which are
memcached. It is completely referencable to memcached attack which are still happened with the
plague 2018 of more than 100000 vulnerable server.
Requirements of Memcached DDoS Exploit Tool
Here, below are some requirement for the installing this into database as an software into your
OS:
The very first most thing is that you should have the Python 3.x version.
Command for installing python version 3 is as follows: apt-get install python3.
Figure 2: Python Latest Installation
You are also probated for installed the Scapy and Shodan modules.
Command for installing these above are: pip3 install scapy - python3
Command for installing these above are: pip3 install shodan - python3.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Figure 3: Shodan Installation
Command for installing these above are: pip3 install shodan (Cloudi, 2018).
Figure 4: Shodan API for Memcrashed
Solution for memchrashed exploit
Corero’s Solution
Cloud gives the flexibility for exploiting the attacks which are not acceptable or doubted
at very high speed.
First of all, it detects and analyze the defect in a one second and after that generate &
create the top sip list.
It will result in terms of no collateral damages.
Command for installing these above are: pip3 install shodan (Cloudi, 2018).
Figure 4: Shodan API for Memcrashed
Solution for memchrashed exploit
Corero’s Solution
Cloud gives the flexibility for exploiting the attacks which are not acceptable or doubted
at very high speed.
First of all, it detects and analyze the defect in a one second and after that generate &
create the top sip list.
It will result in terms of no collateral damages.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
The packet rate is minimum according to concept of reversing the application is that 1 /
50000 partiton.
The creation of packets are as UDP in trivial form (Lloyd, 2018).
Figure 5: Corero's Solution
Linode Solution
According to this it is using the concept of inbounding and out bounding the UDP. In this,
process a one specific edge area which are having traffic are blocked, however it is just a
temporary solution. Linode is not having the permission for moving towards the internal UDP
from external UDP network. Linode is allowed for accessing the UPD network 11211 (Linode,
2018).
Kill Switching for DDoS attacks
In these type of killing, computers are allowed and permitted for saving them from paralyzing
the already existing system. For this, mamcached is used. In this process, it is used for increment
in the performance of the website which utilizing the database for storing the database content.
How to secure Memcached on Ubuntu & Debian Servers
Before, implementing this you have to apply and configure some parameters as service for
securing the memcached on Ubuntu and Debian servers by editing the path / etc / memcached .
50000 partiton.
The creation of packets are as UDP in trivial form (Lloyd, 2018).
Figure 5: Corero's Solution
Linode Solution
According to this it is using the concept of inbounding and out bounding the UDP. In this,
process a one specific edge area which are having traffic are blocked, however it is just a
temporary solution. Linode is not having the permission for moving towards the internal UDP
from external UDP network. Linode is allowed for accessing the UPD network 11211 (Linode,
2018).
Kill Switching for DDoS attacks
In these type of killing, computers are allowed and permitted for saving them from paralyzing
the already existing system. For this, mamcached is used. In this process, it is used for increment
in the performance of the website which utilizing the database for storing the database content.
How to secure Memcached on Ubuntu & Debian Servers
Before, implementing this you have to apply and configure some parameters as service for
securing the memcached on Ubuntu and Debian servers by editing the path / etc / memcached .
conf file with named as nano by implementing the following command which is $ sudo nano /
etc / memcached . conf.
By default, both of them are single integrated into the local interface that is 127 . 0 . 0 . 1. For the
instance of installation, it is not vulnerable for amplifying the attacks and defects from the
network. For checking the behavior of address we use – 1 option. The option which is available
is that disabling the UDP for exploiting this. You are disabling the UDP server, however TCP
server is working until and unless it is required.
Process for Applying this
When you have implemented this by completing these all above commands. Then just
save and finish it.
After that, restart your memcached service for saving & confirming changes which you
have applied. For this, use following command: $ sudo service memcached restart.
Now, verify your currently bound which is memcached to apply the local interface and
listening for applying this TCP. For this, use following command: $ sudo netstat – plunt.
Securing Memcached on Cent OS and Fedora Servers
Before, implementing this you have to apply and configure some parameters as service for
securing the memcached on Cent OS & Fedora servers by editing the path / etc / sysconfig /
memcached with the platform on VI editor by implementing the following command which is $
sudo vi / etc / sysconfig / memcached. By default, both of them are single integrated into the
local interface that is 127 . 0 . 0 . 1. For the instance of installation, it is not vulnerable for
amplifying the attacks and defects from the network. For checking the behavior of address we
use – 1 option. The option which is available is that disabling the UDP for exploiting this. You
are disabling the UDP server, however TCP server is working until and unless it is required
(DigitalOcean, 2018).
etc / memcached . conf.
By default, both of them are single integrated into the local interface that is 127 . 0 . 0 . 1. For the
instance of installation, it is not vulnerable for amplifying the attacks and defects from the
network. For checking the behavior of address we use – 1 option. The option which is available
is that disabling the UDP for exploiting this. You are disabling the UDP server, however TCP
server is working until and unless it is required.
Process for Applying this
When you have implemented this by completing these all above commands. Then just
save and finish it.
After that, restart your memcached service for saving & confirming changes which you
have applied. For this, use following command: $ sudo service memcached restart.
Now, verify your currently bound which is memcached to apply the local interface and
listening for applying this TCP. For this, use following command: $ sudo netstat – plunt.
Securing Memcached on Cent OS and Fedora Servers
Before, implementing this you have to apply and configure some parameters as service for
securing the memcached on Cent OS & Fedora servers by editing the path / etc / sysconfig /
memcached with the platform on VI editor by implementing the following command which is $
sudo vi / etc / sysconfig / memcached. By default, both of them are single integrated into the
local interface that is 127 . 0 . 0 . 1. For the instance of installation, it is not vulnerable for
amplifying the attacks and defects from the network. For checking the behavior of address we
use – 1 option. The option which is available is that disabling the UDP for exploiting this. You
are disabling the UDP server, however TCP server is working until and unless it is required
(DigitalOcean, 2018).
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 17
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.