Securing Memcached

Follow

In many cases, memcached is utilised to store data legitimately on local servers, however in many cases it can be misconfigured, and allow any illegitimate attacker to access, and modify your data stored within the service, due to it not having any Authentication Measures available.

You can read up on this further at the below URL

https://www.shadowserver.org/wiki/pmwiki.php/Services/Open-Memcached

It is recommended that if you're only using it on the local server, you ensure that it is bound to the loopback address.

You can ensure this is the case, using the configuration values below;

RHEL / CentOS

[root@server ~]# grep -- "-l 127.0.0.1" /etc/sysconfig/memcached
OPTIONS="-l 127.0.0.1"

Ubuntu / Debian

root@server:~# grep -- "-l 127.0.0.1" /etc/memcached.conf
-l 127.0.0.1

If either of the above examples end up empty, you will have to add in the respective lines and restart the service in order to secure it on the localhost.

 

Have more questions? Submit a request

Comments

Powered by Zendesk