Jump to content

Character Generator Protocol

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Zx-man (talk | contribs) at 13:03, 19 September 2007. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Internet protocol suite
Application layer
Transport layer
Internet layer
Link layer

The CHARGEN (character generator) service is an internet protocol defined in RFC 864. It is intended for testing and measurement purposes.

A host may connect to a server that supports the CHARGEN protocol, on either TCP or UDP port 19. Upon opening a TCP connection, the server starts sending arbitrary characters to the connecting host and continues until the hosts closes the connection. In the UDP version of the protocol, the server sends an UDP packet containing a random number (between 0 and 512) of characters every time it receives an UDP packet from the connecting host. Any data received by the server is thrown away.

Inetd implementation of CHARGEN

On Linux, FreeBSD, and other UNIX-like operating systems a chargen server is built into the inetd daemon. The chargen service is usually not enabled by default. It may be enabled by adding the following lines to the file /etc/inetd.conf and telling inetd to reload its configuration: 

chargen   stream  tcp     nowait  root    internal
chargen   dgram   udp     wait    root    internal

Examples of use

  • As a source of generic byte-stream payload for debugging TCP and/or UDP based network code for proper bounds checking and buffer management.
  • Can also be a source of generic payload for bandwidth measurement and/or QoS fine-tuning.

A sample session

A typical CHARGEN session looks like this: first the user connects to the host using a telnet client. 

$ telnet localhost chargen
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

What follows is a stream of bytes. Although the precise format of the output is not prescribed by RFC 864, the recommended pattern (and a de-facto standard) is shifted lines of 72 [[ASCII[] characters repeating : 

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefgh
"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghi
#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghij
$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijk
%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijkl
&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklm

It goes on until the client quits. 

^]
telnet> quit
Connection closed.

Abuse

  • Was used maliciously to crash MS DNS servers running Microsoft Windows NT 4.0 by piping the arbitrary characters straight into the port the DNS server listens on (telnet ntbox 19 | telnet ntbox 53). [1] However, the attack was presumably a symptom of improper buffer management on the part of Microsoft's DNS service and not directly related to the CHARGEN service.

See also

External links

  • The Character Generator Protocol (RFC 864)
Retrieved from "https://en.wikipedia.org/w/index.php?title=Character_Generator_Protocol&oldid=158940661"