| VID |
11009 |
| Severity |
30 |
| Port |
9 |
| Protocol |
TCP |
| Class |
DOS |
| Detailed Description |
The remote host is running a 'discard' service. This service typically sets up a listening socket and will ignore all the data which it receives.
This service is unused these days, so it is advised that you disable it.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Recommend to disable the discard service:
For UNIX systems:
1. Comment out the discard entry in the /etc/inetd.conf file
2. Revoke the inetd process as the following command:
kill -HUP <inetd process id>
*Solaris 10, Solaris 11:
svcadm disable svc:/network/discard:dgram
svcadm disable svc:/network/discard:stream
*Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
Open /etc/xinetd.d/discard-dgram and /etc/xinetd.d/discard-stream and then set disable=yes
and then restart xinetd
For Windows NT/2000 systems:
If you only want to disable the discard service:
1. Open the registry editor.
2. Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SimpTcp\Parameters.
3. Set EnableTcpDiscard to 0.
4. To implement your changes, stop and restart the Simple TCP/IP Service.
* Windows XP, 2003, VISTA, 7, 2008, 10, 2016, 2019:
1. Start menu, select Run and then execute regedt32
2. Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SimpTcp\Parameters.
3. Set EnableTcpDiscard to 0.
4. To implement your changes, stop and restart the Simple TCP/IP Service.
* Windows 8, 2012:
1. Open the Charms and select search, type regedt32, and click OK. (The focus is local computer by default)
2. Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SimpTcp\Parameters.
3. Set EnableTcpDiscard to 0.
4. To implement your changes, stop and restart the Simple TCP/IP Service. |
| Related URL |
CVE-1999-0636 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
