Back

Configure the "character generator protocol (chargen)" setting to organizational standards.


CONTROL ID
04914
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Disable all unnecessary services unless otherwise noted in a policy exception., CC ID: 00880

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Title: Disable chargen-dgram Description: chargen-dram is a network service that responds with 0 to 512 ASCII characters for each datagram it receives. This service is intended for debugging and testing puposes. It is recommended that this service be disabled. Rationale: Disabling this service w… (Rule: xccdf_org.cisecurity.benchmarks_rule_2.1.12_Disable_chargen-dgram Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_2.1.12.1_services.chargen-dgram, The Center for Internet Security CentOS 6 Level 1 Benchmark, 1.0.0)
  • Title: Disable chargen-stream Description: chargen-stream is a network service that responds with 0 to 512 ASCII characters for each connection it receives. This service is intended for debugging and testing puposes. It is recommended that this service be disabled. Rationale: Disabling this serv… (Rule: xccdf_org.cisecurity.benchmarks_rule_2.1.13_Disable_chargen-stream Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_2.1.13.1_services.chargen-stream, The Center for Internet Security CentOS 6 Level 1 Benchmark, 1.0.0)
  • Title: Disable chargen-dgram Description: chargen-dram is a network service that responds with 0 to 512 ASCII characters for each datagram it receives. This service is intended for debugging and testing puposes. It is recommended that this service be disabled. Rationale: Disabling this service… (Rule:xccdf_org.cisecurity.benchmarks_rule_2.1.12_Disable_chargen-dgram Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_2.1.12.1_services.chargen-dgram, The Center for Internet Security Red Hat Enterprise Linux 6 Level 1 Benchmark, 1.2.0)
  • Title: Disable chargen-stream Description: chargen-stream is a network service that responds with 0 to 512 ASCII characters for each connection it receives. This service is intended for debugging and testing puposes. It is recommended that this service be disabled. Rationale: Disabling this se… (Rule:xccdf_org.cisecurity.benchmarks_rule_2.1.13_Disable_chargen-stream Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_2.1.13.1_services.chargen-stream, The Center for Internet Security Red Hat Enterprise Linux 6 Level 1 Benchmark, 1.2.0)
  • Title: Disable chargen-dgram Description: chargen-dram is a network service that responds with 0 to 512 ASCII characters for each datagram it receives. This service is intended for debugging and testing puposes. It is recommended that this service be disabled. Rationale: Disabling this service… (Rule:xccdf_org.cisecurity.benchmarks_rule_2.1.12_Disable_chargen-dgram Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_2.1.12.1_services.chargen-dgram, The Center for Internet Security Red Hat Enterprise Linux 6 Level 2 Benchmark, 1.2.0)
  • Title: Disable chargen-stream Description: chargen-stream is a network service that responds with 0 to 512 ASCII characters for each connection it receives. This service is intended for debugging and testing puposes. It is recommended that this service be disabled. Rationale: Disabling this se… (Rule:xccdf_org.cisecurity.benchmarks_rule_2.1.13_Disable_chargen-stream Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_2.1.13.1_services.chargen-stream, The Center for Internet Security Red Hat Enterprise Linux 6 Level 2 Benchmark, 1.2.0)
  • Title: Ensure chargen is not enabled Description: chargen is a network service that responds with 0 to 512 ASCII characters for each connection it receives. This service is intended for debugging and testing purposes. It is recommended that this service be disabled. Rationale: Disabling … (Rule: xccdf_org.cisecurity.benchmarks_rule_5.2_Ensure_chargen_is_not_enabled Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_5.2.1_services.chargen-stream, The Center for Internet Security Ubuntu 12.04 LTS Level 1 Benchmark, v1.0.0)
  • Title: Ensure chargen is not enabled Description: chargen is a network service that responds with 0 to 512 ASCII characters for each connection it receives. This service is intended for debugging and testing purposes. It is recommended that this service be disabled. Rationale: Disabling … (Rule: xccdf_org.cisecurity.benchmarks_rule_5.2_Ensure_chargen_is_not_enabled Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_5.2.1_services.chargen-stream, The Center for Internet Security Ubuntu 12.04 LTS Level 2 Benchmark, v1.0.0)
  • chargen service should be enabled or disabled as appropriate Technical Mechanisms: via inetd via inetd.conf Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #4 (CCE-5506-1, Common Configuration Enumeration List, Combined XML: AIX 5.3, 5.20130214)
  • chargen service should be enabled or disabled as appropriate Technical Mechanisms: via inetd via inetd.conf Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #4 (CCE-5460-1, Common Configuration Enumeration List, Combined XML: HP-UX 11.23, 5.20130214)
  • chargen service should be enabled or disabled as appropriate Technical Mechanisms: via xinetd Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #4 (CCE-6277-8, Common Configuration Enumeration List, Combined XML: Red Hat Enterprise Linux 4, 5.20130214)
  • chargen service should be enabled or disabled as appropriate Technical Mechanisms: via inetd via inetd.conf Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #4 (CCE-6288-5, Common Configuration Enumeration List, Combined XML: Sun Solaris 8, 5.20130214)
  • chargen service should be enabled or disabled as appropriate Technical Mechanisms: via inetd via inetd.conf Parameters: enabled/disabled References: 10.8.10.5.4.1 (11) #4 (CCE-7156-3, Common Configuration Enumeration List, Combined XML: Sun Solaris 9, 5.20130214)