Open Memcached Report

This report identifies hosts that have the Memcached key-value store running and accessible on the Internet.

Since this service does not support authentication, any entity that can access the Memcached instance can have complete control over the key-value store. In addition, instances of Memcached that are accessible via UDP may be abused in amplification-style denial of service attacks.

See memcached.org for more information about Memcached.

Fields

  • timestamp
    Time that the IP was probed in UTC+0
  • ip
    The IP address of the device in question
  • protocol
    Protocol that the Memcached response came on (TCP/UDP)
  • port
    Port that the Memcached response came from (usually 11211)
  • hostname
    Reverse DNS name of the device in question
  • tag
    Will always be memcached
  • version
    Memcached version number
  • asn
    ASN of where the device in question resides
  • geo
    Country where the device in question resides
  • region
    State / Province / Administrative region where the device in question resides
  • city
    City in which the device in question resides
  • naics
    North American Industry Classification System Code
  • sic
    Standard Industrial Classification System Code
  • pid
    Process ID (PID) of the running Memcached server instance
  • pointer_size
    The system architecture (32 or 64 bits)
  • uptime
    Number of seconds since Memcached server start
  • time
    The current time and date (in UTC) that Memcached thinks it is at the time the server was probed
  • curr_connections
    The current number of client connections to the Memcached server
  • total_connections
    The total number of client connections to the Memcached server since it was last restarted

Sample

"timestamp","ip","protocol","port","hostname","tag","version","asn","geo","region","city","naics","sic","pid","pointer_size","uptime","time","curr_connections","total_connections"
"2015-01-22 01:30:25","167.160.165.190","tcp",11211,,"memcached","1.4.20",62639,"US","CALIFORNIA","LOS ANGELES",0,0,787,64,87136,"2015-01-22 01:30:26",10,13
"2015-01-22 01:30:25","42.96.169.80","tcp",11211,,"memcached","1.4.0",37963,"CN","BEIJING","BEIJING",0,0,2258,64,32637459,"2015-01-22 01:30:25",5,424
"2015-01-22 01:30:25","69.175.96.27","tcp",11211,"node2.al-yasser.com.sa","memcached","1.4.13",32475,"US","ILLINOIS","CHICAGO",0,0,1565,32,12048127,"2014-12-13 04:19:50",10,69
"2015-01-22 01:30:25","74.82.14.241","tcp",11211,"exploited.com","memcached","1.4.13",6939,"US","CALIFORNIA","FREMONT",0,0,18843,32,8409567,"2015-01-22 01:30:25",14,33780
"2015-01-22 01:30:25","172.252.84.254","tcp",11211,,"memcached","1.4.15",18779,"US","CALIFORNIA","SAN JOSE",0,0,30766,64,10403726,"2015-01-22 01:25:25",11,7628
"2015-01-22 01:30:25","98.126.206.158","tcp",11211,"customer.vpls.net","memcached","1.4.15",35908,"US","CALIFORNIA","ORANGE",0,0,2436,64,7685339,"2015-01-22 01:32:36",30,15299
"2015-01-22 01:30:25","223.4.21.189","tcp",11211,,"memcached","1.2.1",37963,"CN","ZHEJIANG","HANGZHOU",0,0,1888,32,32586282,"2015-01-22 01:30:34",1,324
"2015-01-22 01:30:25","121.41.60.46","tcp",11211,,"memcached","1.2.6",37963,"CN","ZHEJIANG","HANGZHOU",0,0,7564,32,1277693,"2015-01-22 01:30:25",2,36
"2015-01-22 01:30:25","221.130.4.205","tcp",11211,,"memcached","1.2.0",56046,"CN","JIANGSU","NANJING",0,0,3235,64,173711750,"2015-01-21 17:16:31",37,231

Our 77 Report Types

« Back to Network Reporting