VPS en dedicated servers (centrum voor hostingbeheer) Help

How to Disable CHARGEN on Your Server

CHARGEN-exploited DDoS attacks use a flawed and outdated testing/debugging protocol that has not been removed from most operating systems. Disabling CHARGEN stops a server from being misused by an attacker.

DIFFICULTY Basic - 1 | Medium - 2 | Advanced - 3
TIME REQUIRED 15-30 min
RELATED PRODUCTS VPS or dedicated servers

Windows-based Servers

From the cmd prompt (run as Administrator on Windows Server 2012), run:

sc stop simptcp

Response:

SERVICE_NAME: simptcp
        TYPE               : 20  WIN32_SHARE_PROCESS
        STATE              : 3  STOP_PENDING
                                (STOPPABLE, PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x1
        WAIT_HINT          : 0x4e20

Then run:

sc config simptcp start= disabled

Response:

[SC] ChangeServiceConfig SUCCESS

Linux Server

Access your server via SSH as root.

Locate the following file:

/etc/xinetd.d/chargen-stream

Edit the file to include (add if not there already) under the Environmental options header:

enabled = chargen-stream

Remember to restart the xinetd service:

service xinetd restart

You may also find this same line in other files of /etc/xinetd.d/


As CHARGEN can be re-enabled through a simple reversal of these steps a simple malicious script could be used to again open up a server for exploit. Please refer to our other server security articles for steps and tips to reducing the chances of an exploited server.


Was dit artikel nuttig?
Hartelijk dank voor je feedback. Gebruik het supporttelefoonnummer of de bovenstaande chatoptie als je een vertegenwoordiger van de afdeling Klantenondersteuning wilt spreken.
Fijn dat we konden helpen! Kunnen we nog iets voor je doen?
Dat spijt ons. Vertel ons wat je verwarrend vond of waarom je probleem niet is opgelost via de geboden oplossing.