Check or Attack Name: echo

The echo service was detected as running. The echo (port 7) service can be spoofed into sending data from one service on one machine to another service on another machine. This action causes an infinite loop and creates a denial of service attack. The attack can consume increasing amounts of network bandwidth, causing loss of performance or a total shutdown of the affected network segments.

Disable the echo service if it is not used.

Unix: Disable the echo service by commenting out the echo entry in the /etc/inetd.conf file, then restarting the inetd process.

Windows: The echo service is not native to Windows, but may be present. To disable this service, follow these steps:

1. Open the Services control panel. From the Windows NT Start menu, select Settings/Control Panel/Services.
2. Select the Simple TCP/IP Services service and click Stop.
3. Click Startup.
4. To permanently stop all TCP/IP services, click Disabled.

—OR—

If you only want to disable the echo service:

1. Open the registry editor. From the Windows NT Start menu, select Run. Type regedt32 and click OK.
2. Select the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SimpTcp\Parameters key.
3. Set EnableTcpEcho and EnableUdpEcho to 0.
4. Restart the Simple TCP/IP service.