Save your server from the threat of CHARGEN

It's real

As systems evolve, technology that was once beneficial can be exposed as harmful and – unfortunately – left intact. Like an ancient horror lurking in the depths. Or leftovers in the back of the fridge.

Such is the story of CHARGEN (short for Character Generator Protocol).

Back when computers processed words and crunched numbers, CHARGEN tested applications’ ability to talk to the Internet, debug what didn’t work, and measure how well it all went. Unfortunately, that was 1983, and even though CHARGEN is still installed on a lot of computers, that’s no longer what it’s used for.

CHARGEN is now mostly abused – a tool used by hackers to amplify the power of DDoS attacks because it spits back 200 to 1,000 times the data it receives.

For a metaphor, an attacker could hack into a server and send CHARGEN one incredibly steamy page from Twilight: New Moon, and CHARGEN would then reply with a decidedly unsexy selection from the Encyclopedia Brittanica, detailing everything that begins with the letters A, Q and R.

The server then has to slog through all of that information, slowing it down considerably. Each subsequent page from the smash-hit vampire teen romance causes further slowing, until your server’s capable of nothing more than letting out a resigned sigh. A cruel fate.

OK – I’m scared. What can I do?

Fortunately, disabling CHARGEN and saving your server is pretty easy. We have all of the information you need outlined here.