How to Disable CHARGEN on Your Server

CHARGEN-exploited DDoS attacks are simplistic but effective. Using a flawed and outdated testing/debugging protocol that has not been removed from most operating systems. Disabling CHARGEN will stop a server from being misused by an attacker in their efforts to disrupt another server.

DIFFICULTY Basic - 1 | Medium - 2 | Advanced - 3
RELATED PRODUCTS VPS or dedicated servers

Windows-based Servers

From the cmd prompt (run as Administrator on Windows Server 2012), run:

sc stop simptcp


        TYPE               : 20  WIN32_SHARE_PROCESS
        STATE              : 3  STOP_PENDING
                                (STOPPABLE, PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x1
        WAIT_HINT          : 0x4e20

Then run:

sc config simptcp start= disabled


[SC] ChangeServiceConfig SUCCESS

Linux Server

Access your server via SSH as root.

Locate the following file:


Edit the file to include (add if not there already) under the Environmental options header:

enabled = chargen-stream

Remember to restart the xinetd service:

service xinetd restart

You may also find this same line in other files of /etc/xinetd.d/

As CHARGEN can be re-enabled through a simple reversal of these steps a simple malicious script could be used to again open up a server for exploit. Please refer to our other server security articles for steps and tips to reducing the chances of an exploited server.

Was This Article Helpful?
Thank You For Your Feedback
Glad we helped! Anything more we can do for you?
Sorry about that. How can we be more helpful?