Defining Small Server Services

TCP and UDP small servers are services that run in the router and are useful for diagnostics, including Echo, Chargen, Daytime, and Discard:

• Echo (UDP, TCP) This simple port just echoes whatever is sent to it.

• Chargen (UDP, TCP) This simple port generates a stream of characters (TCP) or a packet containing characters (UDP).

• Daytime (TCP) This simple port responds with the current time of day. The protocol specification does not clearly define the format of the data returned, so every machine responds in a slightly different format. This can be used to fingerprint machines.

• Discard (UDP, TCP) This simple port throws traffic away.

These services, especially their UDP versions, are used for diagnostic purposes but can be used to launch DoS and other attacks that would otherwise be prevented by packet filtering. It is recommended that these services not be enabled unless doing so is absolutely necessary. These services could be exploited indirectly to gain information about the target system or directly as is the case with the Fraggle attack, which uses UDP echo.

0 0

Post a comment