Family: Useless services --> Category: infos
Chargen Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of chargen
Detailed Explanation for this Vulnerability Test
The remote host is running a 'chargen' service.
When contacted, chargen responds with some random characters (something
like all the characters in the alphabet in a row). When contacted via UDP, it
will respond with a single UDP packet. When contacted via TCP, it will
continue spewing characters until the client closes the connection.
The purpose of this service was to mostly to test the TCP/IP protocol
by itself, to make sure that all the packets were arriving at their
destination unaltered. It is unused these days, so it is suggested
you disable it, as a possible hacker may use it to set up an attack against
this host, or against a third party host using this host as a relay.
An easy attack is 'ping-pong' in which a possible hacker spoofs a packet between
two machines running chargen. This will cause them to spew characters at
each other, slowing the machines down and saturating the network.
- Under Unix systems, comment out the 'chargen' line in /etc/inetd.conf
and restart the inetd process
- Under Windows systems, set the following registry keys to 0 :
Then launch cmd.exe and type :
net stop simptcp
net start simptcp
To restart the service.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.