Echo, Chargen, Time, and Daytime Services contents.gifindex.gif

Echo, Chargen, Time, and Daytime Services

The echo, chargen, time, and daytime services can be spoofed into sending data from one service on one machine to another service on another machine. This causes an infinite loop and creates a denial of service attack. The attack can consume increasing amounts of network bandwidth, causing loss of performance or even a total shutdown of the affected network segments.

Risk: Medium

Fix: Comment out the echo, chargen, time, and daytime entries in the /etc/inetd.conf file and then restart the inetd process.

Patch: There are patches available for Linux that will make echo and chargen unable to send data to specific ports, precluding the possibility of infinite loops.