There are many websites which deals with large chunks of data like retrieving postal codes of countries, driving license number where the functionality is based on retrieving the most searched items by storing them in a temporary location. This entire scenario is eased by the use of Memcached.
Memcached is one of the temporary data storage service where the data is stored in chunks of memory called Slabs. Each of the slabs contain multiple items and finally, the actual data is stored in these items in : format.
Memcached was designed as a pooling server and to be used via TCP, whereby the default TCP and UDP port is 11211. The pooling process provides us with large ram space and the data present in the items are stored in the form of hash table distributed over multiple machines present in the pool. When the table is full, new entry is added into the table using least recently used (LRU) order.
The memcached server manages the entire data that is stored by the memcached and it maintains integrity by retrieving the data from that server where it was initially stored. The better part is that memcached does not require the reliability of a database as it layers the requests into the ram before falling into secondary storages. Since it is independent of database it is, therefore, safe from SQL injection, but that is not all. Since every pros comes with cons. Similarly, if the memcached server is not configured properly it could be vulnerable to many attacks, which can be very seriously devastating and dangerous. These misconfigured servers are vulnerable to reflection and amplification denial of service attacks (DDoS) via the internet. The limit of the stored value is user configurable in case of memcached but by default it is set to 1MB.
Exposed memcached server are vulnerable to spoofed UDP packet sent to port 11211, which can request the single 1MB value multiple number of times resulting in a massive traffic and a huge amplification factor and hence the name amplification attack. Another such devastating type of attack is the reflection attack where the attacker instead of forwarding the get request to the client directly forwards it to a host of machines, the machines in response reflects the request to the original clients and hence dump the networks by flooding the requests.
In order to reduce these risk, the network infrastructure and the memcached server should be configured by implementing industry standard best current practices such as binding the memcached to a particular source IP only. The greater the protection taken in running the memcached services (like strong firewalls) the lesser is the risk of addition, deletion and updating of the data.
- How did Apple Become World’s First $1 Trillion Company?
- Career Paths For Software Developers and Programmers in 2019
- GATE CS 2020 Syllabus
- Computer Animation
- Digital Evidence - How to use FTK for examining evidence
- Why are there two folders - Program Files and Program Files (x86) in 64-bit Windows OS?
- What is the need of CMOS battery in Computers?
- Relationship between Data Mining and Machine Learning
- Difference between a Data Analyst and a Data Scientist
- How to block websites on Chrome and FireFox?
- What are Bugs and how it came into existence?
- Overturning Changes In Git
- Examining Git
- Git- Debugging
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to email@example.com. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.