echo - TCP/UDP 7
来源:互联网 发布:女网络作家排行榜 编辑:程序博客网 时间:2024/05/15 23:46
今天给主机做扫描时,发现了下面的问题。echo服务,默认开放tcp 7或udp 7端口,向服务器端口发送信息,同样的信息内容会返回到客户端或其他地址。
10061 (20) - Echo Service Detection
Synopsis
An echo service is running on the remote host.
Description
The remote host is running the 'echo' service. This service echoes any data which is sent to it. This service is unused these days, so it is strongly advised that you disable it, as it may be used byattackers to set up denial of services attacks against this host.
Solution
Under Unix systems, comment out the 'echo' line in/etc/inetd.conf andrestart the inetd process
- Under Windows systems, set thefollowing registry key to 0:
HKLM\System\CurrentControlSet\Services\SimpTCP\Parameters\EnableTcpEchoHKLM\System\CurrentControlSet\Services\SimpTCP\Parameters\EnableUdpEchoThen launch cmd.exe and type :
net stop simptcp
net start simptcp To restart the service.
Risk Factor
None
References
CVE CVE-1999-0103
CVE CVE-1999-0635
XREF OSVDB:150
Plugin Information:
Public ation date: 1999/06/22, Modification date: 2014/06/09
Hosts
192.168.0.4 (tcp/7)
192.168.0.10 (tcp/7)
192.168.0.11 (tcp/7)
192.168.0.11 (udp/7)
很多时候,安装一些服务软件或做完调试配置,忘记关掉不必要的服务。为了重现上述场景,选择在debian 7主机上安装xinetd.
root@linux:~# uname -aLinux linux 3.2.0-4-amd64 #1 SMP Debian 3.2.60-1+deb7u3 x86_64GNU/Linux
inetutils-inetd - internet super server
micro-inetd - simple network service spawner
openbsd-inetd - OpenBSD Internet Superserver
reconf-inetd - maintainer script for programmatic updates of inetd.conf
rinetd - Internet TCP redirection server
rlinetd - gruesomely over-featured inetd replacement
python-twisted-runner - Process management, including an inetd server
python-twisted-runner-dbg - Process management, including an inetd server (debug extension)
update-inetd - inetd configuration file updater
xinetd - replacement for inetd with many enhancements
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
xinetd
0 upgraded, 1 newly installed, 0 to remove and 16 not upgraded.
Need to get 0 B/149 kB of archives.
After this operation, 323 kB of additional disk space will be used.
Selecting previously unselected package xinetd.
(Reading database ... 113919 files and directories currently installed.)
Unpacking xinetd (from .../xinetd_1%3a2.3.14-7.1+deb7u1_amd64.deb) ...
Processing triggers for man-db ...
Setting up xinetd (1:2.3.14-7.1+deb7u1) ...
[ ok ] Stopping internet superserver: xinetd.
[ ok ] Starting internet superserver: xinetd.
root@linux:~# vi /etc/xinetd.d/echo
# default: off# description: An xinetd internal service which echo's characters back to
# clients.
# This is the tcp version.
service echo
{
# disable = yes
disable = no
type = INTERNAL
id = echo-stream
socket_type = stream
protocol = tcp
user = root
wait = no
}
# This is the udp version.
service echo
{
# disable = yes
disable = no
type = INTERNAL
id = echo-dgram
socket_type = dgram
protocol = udp
user = root
wait = yes
}
开启服务service xinetd start,TCP 7 / UDP 7 端口开放
root@linux:~# netstat -antuActive Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:7 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:7 0.0.0.0:*
攻击方式
http://www.giac.org/paper/gcih/206/udp-flood-denial-service/101057
http://servv89pn0aj.sn.sourcedns.com/~gbpprorg/phrack/phrack.ru/63/p63-0x0c.txt
Starting Nping 0.6.46 ( http://nmap.org/nping ) at 2014-09-05 19:57 EDT
SENT (0.0078s) UDP 192.168.0.97:53 > 192.168.0.98:7 ttl=64 id=19827 iplen=46
SENT (1.0126s) UDP 192.168.0.97:53 > 192.168.0.98:7 ttl=64 id=19827 iplen=46
SENT (2.0142s) UDP 192.168.0.97:53 > 192.168.0.98:7 ttl=64 id=19827 iplen=46
SENT (3.0161s) UDP 192.168.0.97:53 > 192.168.0.98:7 ttl=64 id=19827 iplen=46
Max rtt: N/A | Min rtt: N/A | Avg rtt: N/A
Raw packets sent: 4 (184B) | Rcvd: 0 (0B) | Lost: 4 (100.00%)
Nping done: 1 IP address pinged in 4.02 seconds
注: 本机IP: 192.168.0.100
建议:
1. 安装应用时, 确保关闭引入的不必要服务
- echo - TCP/UDP 7
- tcp udp 的echo脚本
- 基于libuv库的tcp, udp echo服务器和客户段测试python代码。
- <网络编程培训之三> 实现TCP/UDP的简单Echo服务器
- TCP Echo Server(select)
- TCP Echo 服务器
- ECHO TCP Server Client
- TCP实现ECHO程序
- TCP echo test
- TCP echo server demo
- UDP Client Server Echo Example
- [c++]udp的echo 程序
- TCP&UDP
- TCP UDP
- TCP/UDP
- TCP & UDP
- TCP/UDP
- UDP tcp
- CF D. Bag of mice(概率dp)
- JavaSE 反射技术
- 工作量估计的已知和未知
- C# 中对象与Json互转的方法整理笔记
- UVALive 6424 —— Russian Dolls(贪心)
- echo - TCP/UDP 7
- hdu 2412 Party at Hali-Bula(树形DP)
- raspberrypi之没有显示器玩树莓派
- 使用adb命令批处理安装&卸载apk
- CoreTelephony框架的简单使用
- 【CodeForces】383C Propagating tree 线段树
- cookies的使用
- HDU 1282 回文数猜想(简单数学题)
- 【2017】Speed Limit (水题)POJ