6. Memcrashed
• Memcached DDOS issue not Redis
• Memcached is high-performance In-Memory K-V Store
• Memcached opened UDP port as Default(11211 port).
• Memcached doesn't support Authentication.
• It web patched in 28 Feb, 2018
19. Limitation of requirepass
• if you know password, you can run all commands.
• O(N) Commands
• KEYS
• FLUSHALL
• LREM
20. rename-command
• We can change command name to another.
• or can Disable it
• But sometimes we need to use disabled commands for management.
• if someone know changed commands
• All people will know them.
• Still someone can make mistake.
22. ACL : Access Control List
• Specify who has granted access to objects
• In Redis
• Specify who is granted to execute specific commands
23. Examples
#<username> <password> [<acl> <acl> … <acl>]
charsyam "my password" +#all
client "my password" +#readonly
default "" +ping +info
charsyam can execute all commands
client can execute only readonly commands
default user only can run ping and info commands
- default is a user permission before auth step.