Skip to content

Max-Sum/memreflect

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
build
build
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.sh
build.sh
 
 
memreflect
memreflect
 
 
memreflect.go
memreflect.go
 
 

Repository files navigation

MemReflect

MemReflect is another implementation on the Memcached killswitch. Unlike Memfixed, which uses an active mitigation model, this one uses a passive model. It sends back killswitch after receiving any UDP packet from 11211 port. This could kill the unknown vulnerable memcached servers. Your server might be flooded before you send few killswitch, but it does help killing some servers.

Usage

The program automantically sets iptables and routing to receive UDP packets from 11211. Therefor, TPROXY module and root permission is required.

Arguments

-p The port memreflect listen on

-s Use shutdown instead of flush_all command

Build and run

go get -t github.com/Max-Sum/memreflect/build
go build -o memreflect github.com/Max-Sum/memreflect/build
sudo ./memreflect -p 11211

Docker

Environment

MEMREFLECT_PORT The port memreflect listen on

MEMREFLECT_SHUTDOWN Use shutdown instead of flush_all command if set

Run

The program would set iptables and routing automantically, but you need to give the capability of net_admin to the docker.

docker run --network=host -d -e MEMREFLECT_PORT=11211 --cap-add net_admin gzmaxsum/memreflect

About

A passive tool to mitigate memcached reflection DDoS

Resources

Readme

License

BSD-3-Clause license
Activity

Stars

29 stars

Watchers

1 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages