Echo Service Detection

medium Nessus Plugin ID 10061


An echo service is running on the remote host.


The remote host is running the 'echo' service. This service echoes any data which is sent to it.

This service is unused these days, so it is strongly advised that you disable it, as it may be used by attackers to set up denial of services attacks against this host.


Below are some examples of how to disable the echo service on some common platforms, however many services can exhibit this behavior and the list below is not exhaustive.

Consult vendor documentation for the service exhibiting the echo behavior for more information.

- Under Unix systems, comment out the 'echo' line in /etc/inetd.conf and restart the inetd process.

- Under Ubuntu systems, comment out the 'echo' line in /etc/systemd/system.conf and retart the systemd service.

- Under Windows systems, set the following registry key to 0 :
HKLM\System\CurrentControlSet\Services\SimpTCP\Parameters\EnableTcpEcho HKLM\System\CurrentControlSet\Services\SimpTCP\Parameters\EnableUdpEcho

Then launch cmd.exe and type :

net stop simptcp net start simptcp

To restart the service.

Plugin Details

Severity: Medium

ID: 10061

File Name: echo.nasl

Version: 1.46

Type: remote

Published: 6/22/1999

Updated: 6/12/2020

Risk Information


Risk Factor: Medium

Score: 4.4


Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-1999-0103


Risk Factor: Medium

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Reference Information

CVE: CVE-1999-0103, CVE-1999-0635