Hello Friends
Does anyone have the smarts to know if those of us using standard firewall settings on AWS / DO infrastructure are likely to be opening our Trellis memcacheds to the public, as per the use of memcached servers in this DDoS attack on Github this week.
Cheers brains.
It appears it might be vulnerable although the firewall should block it but it appears it might not be.
Either way UDP support should be disabled. See https://github.com/roots/trellis/pull/955
Thanks for looking at it. I usually use AWS because DO is way slower here in Crocodile Dundee. And AWS blocks all ports by default. So I wasn’t too panicky.
Thanks again.