Echo Service Detection

This script is Copyright (C) 1999-2014 Tenable Network Security, Inc.


Synopsis :

An echo service is running on the remote host.

Description :

The remote host is running the 'echo' service. This service
echoes any data which is sent to it.

This service is unused these days, so it is strongly advised that
you disable it, as it may be used by attackers to set up denial of
services attacks against this host.

Solution :

- Under Unix systems, comment out the 'echo' line in /etc/inetd.conf
and restart the inetd process

- Under Windows systems, set the following registry key to 0 :
HKLM\System\CurrentControlSet\Services\SimpTCP\Parameters\EnableTcpEcho
HKLM\System\CurrentControlSet\Services\SimpTCP\Parameters\EnableUdpEcho

Then launch cmd.exe and type :

net stop simptcp
net start simptcp

To restart the service.

Risk factor :

None

Family: Service detection

Nessus Plugin ID: 10061 (echo.nasl)

Bugtraq ID:

CVE ID: CVE-1999-0103
CVE-1999-0635