| VID |
11006 |
| Severity |
30 |
| Port |
19 |
| Protocol |
TCP,UDP |
| Class |
DOS |
| Detailed Description |
The chargen service is running.
The "chargen" service should only be enabled when testing the machine. but echo, chargen, time and daytime, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm.
For example, by connecting a host's chargen service to the echo service on the same or another machine, all affected machines may be effectively taken out of service because of the excessively high number of packets produced. In addition, if two or more hosts are so connected, the intervening network may also become congested and deny service to all hosts whose traffic traverses that network.
* References:
http://www.iss.net/security_center/static/36.php
http://online.securityfocus.com/archive/1/6407 |
| Recommendation |
Recommend to disable the chargen service:
For UNIX systems:
1. Comment out the chargen entry in the /etc/inetd.conf file
2. Revoke the inetd process as the following command:
kill -HUP <inetd process id>
*Solaris 10, Solaris 11:
svcadm disable svc:/network/chargen:dgram
svcadm disable svc:/network/chargen:stream
*Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
Open /etc/xinetd.d/chargen-dgram and /etc/xinetd.d/chargen-stream and then set disable=yes
and then restart xinetd
For Windows NT/2000 systems:
If you only want to disable the echo service:
1. Open the registry editor.
2. Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SimpTcp\Parameters.
3. Set EnableTcpChargen and EnableUdpChargen to 0.
4. To implement your changes, stop and restart the Simple TCP/IP Service.
* Windows XP, 2003, VISTA, 7, 2008, 10, 2016, 2019:
1. Start menu, select Run and then execute regedt32
2. Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SimpTcp\Parameters.
3. Set EnableTcpChargen and EnableUdpChargen to 0.
4. To implement your changes, stop and restart the Simple TCP/IP Service.
* Windows 8, 2012:
1. Open the Charms and select search, type regedt32, and click OK. (The focus is local computer by default)
2. Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SimpTcp\Parameters.
3. Set EnableTcpChargen and EnableUdpChargen to 0.
4. To implement your changes, stop and restart the Simple TCP/IP Service. |
| Related URL |
CVE-1999-0103 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
