Daytime Service Detection

This script is Copyright (C) 1999-2014 Tenable Network Security, Inc.


Synopsis :

A daytime service is running on the remote host.

Description :

The remote host is running a 'daytime' service. This service is
designed to give the local time of the day of this host to whoever
connects to this port.

The date format issued by this service may sometimes help an attacker
to guess the operating system type of this host, or to set up timed
authentication attacks against the remote host.

In addition, if the daytime service is running on a UDP port, an
attacker may link it to the echo port of a third-party host using
spoofing, thus creating a possible denial of service condition between
this host and the third party.

Solution :

- On Unix systems, comment out the 'daytime' line in /etc/inetd.conf
and restart the inetd process.

- On Windows systems, set the following registry keys to 0 :
HKLM\System\CurrentControlSet\Services\SimpTCP\Parameters\EnableTcpDaytime
HKLM\System\CurrentControlSet\Services\SimpTCP\Parameters\EnableUdpDaytime

Next, launch cmd.exe and type :

net stop simptcp
net start simptcp

This will restart the service.

Risk factor :

None

Family: Service detection

Nessus Plugin ID: 10052 (daytime.nasl)

Bugtraq ID:

CVE ID: