Preface: Chargen_Denial_of_ServiceLogo -Internet Security Systems

Chargen_Denial_of_Service
advICE :Intrusions : 2000211
 FAQ
Oh my gosh, I'm being HACKED!!!
How do I report the hacker to my ISP?
I'm seeing lots of attacks, is this normal?
Summary

A UDP packet has been seen traveling between two "echoing" ports. Such packets can bounce an infinite number of times, using up network bandwidth and CPU.

Details

See UDP port loopback description for more details.

Trigger

This alert triggers when it sees a UDP packet with the source port and destination port both set to 19.

Spoofing

These attacks are always initiated with a spoofed packet.

Systems affected

All systems support such services and are vulnerable to this attack.

Defense

Disable the "chargen" port and/or firewall it.

 more information
CERT: CA-96.01.UDP_service_denial   UDP Port Denial-of-Service Attack
 
advICE: spoofing  
 
CVE-1999-0103   echo/chargen can be used flood, bomb, storm target
 
chargen  
  
 
Version appeared: 3.0
Privacy Policy |  Copyright Info