Character Generator Protocol: Difference between revisions
wikilink breaks autolink |
No edit summary |
||
Line 14: | Line 14: | ||
* As a source of generic byte-stream payload for debugging TCP and/or UDP based network code for proper bounds checking and buffer management. |
* As a source of generic byte-stream payload for debugging TCP and/or UDP based network code for proper bounds checking and buffer management. |
||
* Can also be a source of generic payload for bandwidth measurement and/or QoS fine-tuning. |
* Can also be a source of generic payload for bandwidth measurement and/or QoS fine-tuning. |
||
== A sample session == |
|||
A typical CHARGEN session looks like this: first the user connects to the host using a [[telnet]] client. |
|||
$ telnet localhost chargen |
|||
Trying 127.0.0.1... |
|||
Connected to localhost. |
|||
Escape character is '^]'. |
|||
What follows is a stream of [[byte]]s. Although the precise format of the output is not prescribed by RFC 864, the recommended pattern (and a [[de-facto standard]]) is shifted lines of 72 [[ASCII[] characters repeating : |
|||
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefgh |
|||
"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghi |
|||
#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghij |
|||
$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijk |
|||
%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijkl |
|||
&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklm |
|||
It goes on until the client quits. |
|||
^] |
|||
telnet> quit |
|||
Connection closed. |
|||
== Abuse == |
== Abuse == |
Revision as of 13:03, 19 September 2007
Internet protocol suite |
---|
Application layer |
Transport layer |
Internet layer |
Link layer |
The CHARGEN (character generator) service is an internet protocol defined in RFC 864. It is intended for testing and measurement purposes.
A host may connect to a server that supports the CHARGEN protocol, on either TCP or UDP port 19. Upon opening a TCP connection, the server starts sending arbitrary characters to the connecting host and continues until the hosts closes the connection. In the UDP version of the protocol, the server sends an UDP packet containing a random number (between 0 and 512) of characters every time it receives an UDP packet from the connecting host. Any data received by the server is thrown away.
Inetd implementation of CHARGEN
On Linux, FreeBSD, and other UNIX-like operating systems a chargen server is built into the inetd daemon. The chargen service is usually not enabled by default. It may be enabled by adding the following lines to the file /etc/inetd.conf and telling inetd to reload its configuration:
chargen stream tcp nowait root internal chargen dgram udp wait root internal
Examples of use
- As a source of generic byte-stream payload for debugging TCP and/or UDP based network code for proper bounds checking and buffer management.
- Can also be a source of generic payload for bandwidth measurement and/or QoS fine-tuning.
A sample session
A typical CHARGEN session looks like this: first the user connects to the host using a telnet client.
$ telnet localhost chargen Trying 127.0.0.1... Connected to localhost. Escape character is '^]'.
What follows is a stream of bytes. Although the precise format of the output is not prescribed by RFC 864, the recommended pattern (and a de-facto standard) is shifted lines of 72 [[ASCII[] characters repeating :
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefgh "#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghi #$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghij $%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijk %&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijkl &'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklm
It goes on until the client quits.
^] telnet> quit Connection closed.
Abuse
- Was used maliciously to crash MS DNS servers running Microsoft Windows NT 4.0 by piping the arbitrary characters straight into the port the DNS server listens on (telnet ntbox 19 | telnet ntbox 53). [1] However, the attack was presumably a symptom of improper buffer management on the part of Microsoft's DNS service and not directly related to the CHARGEN service.
See also
External links
- The Character Generator Protocol (RFC 864)