Check or Attack Name: Chargen Patch

An unpatched version of Windows NT Simple TCP/IP services has been detected. It is possible for an attacker to cause a network denial of service by sending broadcast UDP packets to the Windows NT chargen service.

Apply the latest Windows NT 4.0 Service Pack or the post-SP3 simptcp-fix patch.

To install the latest Windows NT 4.0 Service Pack:

1. Open a web browser.
2. Go to http://support.microsoft.com/support/ntserver/Content/ServicePacks/ and follow the directions to download the appropriate service pack for your computer.
3. Find the installation program you downloaded to your computer.
4. Double-click the program icon to start the installation.
5. Follow the installation directions.

—OR—

Windows NT 4.0 Service Pack 3 (SP3) users must apply the post-SP3 simp-tcp patch available from ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfixes-postSP3/simptcp-fix/.

Microsoft Knowledge Base Article Q154460, Denial of Service Attack Against WinNT Simple TCP/IP Services, http://support.microsoft.com/support/kb/articles/q154/4/60.asp

Microsoft Knowledge Base Article Q154460, Denial of Service Attack Against WinNT Simple TCP/IP Services, ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/hotfixes-postSP3/simptcp-fix/Q154460.TXT