Home Guides Glossary

How to Disable CHARGEN on Your Server

CHARGEN-exploited DDoS attacks are simplistic but effective. Using a flawed and outdated testing/debugging protocol that has not been removed from most operating systems. Disabling CHARGEN will stop a server from being misused by an attacker in their efforts to disrupt another server.

DIFFICULTY Basic - 1 | Medium - 2 | Advanced - 3
TIME REQUIRED 15-30 min
RELATED PRODUCTS VPS or dedicated servers

Windows-based Servers

From the cmd prompt (run as Administrator on Windows Server 2012), run:

sc stop simptcp

Response:

SERVICE_NAME: simptcp
TYPE               : 20  WIN32_SHARE_PROCESS
STATE              : 3  STOP_PENDING
(STOPPABLE, PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE    : 0  (0x0)
SERVICE_EXIT_CODE  : 0  (0x0)
CHECKPOINT         : 0x1
WAIT_HINT          : 0x4e20

Then run:

sc config simptcp start= disabled

Response:

[SC] ChangeServiceConfig SUCCESS

Linux Server

Access your server via SSH as root.

Locate the following file:

/etc/xinetd.d/chargen-stream

Edit the file to include (add if not there already) under the Environmental options header:

enabled = chargen-stream

Remember to restart the xinetd service:

service xinetd restart

You may also find this same line in other files of /etc/xinetd.d/


As CHARGEN can be re-enabled through a simple reversal of these steps a simple malicious script could be used to again open up a server for exploit. Please refer to our other server security articles for steps and tips to reducing the chances of an exploited server.

Domain Registration

Pay less for website domain names. Register your own .com, .net or .org for as low as $10.18 per year. We have everything you need to get online with your new domain.

Website Builder

For as little as $3.89 per month you can build your Website online with Website Builder using our easy to use professional templates. Play Video - Demo

Quick Shopping Cart

Build and run your own successful online store in minutes. You're just five easy steps away! Shopping Cart works with Google® and eBay® Play Video

Website Hosting

Everything needed to give your website the high-performance home it deserves.  Protect transactions and secure your customer's data with a SSL Certificate

Copyright © 2005 - 2017. All rights reserved. Privacy Policy