2.1.1 Ensure chargen services are not enabled (Scored)
Profile Applicability
Level 1 - Server Level 1 - Workstation
Description
chargen
is a network service that responds with 0 to 512 ASCII characters for each connection it receives. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.
Rationale
Disabling this service will reduce the remote attack surface of the system.
Audit
Run the following command and verify chargen-dgram
and chargen-stream
are off or missing:
# chkconfig --list xinetd based services: chargen-dgram: off chargen-stream: off
Remediation
Run the following commands to disable chargen-dgram
and chargen-stream
:
# chkconfig chargen-dgram off # chkconfig chargen-stream off