This document explains what Transport Control Protocol (TCP) and User
Datagram Protocol (UDP) small servers are, how to enable or disable them on a
router, and describes the various available services associated with them.
There are no specific requirements for this document.
The information in this document is based on Cisco IOS® Software
The information in this document was created from the devices in a
specific lab environment. All of the devices used in this document started with
a cleared (default) configuration. If your network is live, make sure that you
understand the potential impact of any command.
For more information on document conventions, refer to the
Technical Tips Conventions.
TCP and UDP small servers are servers (daemons, in Unix parlance) that
run in the router which are useful for diagnostics.
The TCP small servers are:
Echo: Echoes back whatever you type through the
telnet x.x.x.x echo command.
Chargen: Generates a stream of ASCII data. Use the
telnet x.x.x.x chargen command.
Discard: Throws away whatever you type. Use the
telnet x.x.x.x discard command.
Daytime: Returns system date and time, if it is
correct. It is correct if you run Network Time Protocol (NTP), or have set the
date and time manually from the exec level. Use the telnet x.x.x.x
Replace x.x.x.x with the IP address of your router. Most routers inside
Cisco run the small servers.
The UDP small servers are:
Echo: Echoes the payload of the datagram you send.
Discard: Silently pitches the datagram you send.
Chargen: Pitches the datagram you send, and responds
with a 72-character string of ASCII characters terminated with a CR+LF.
Almost all Unix boxes support the small servers listed above.
The router also offers finger service and async line bootp service,
which you can independently turn off with the configuration global commands
no service finger and no ip bootp
The commands to enable for the TCP and UDP small servers are
service tcp-small-servers and service
The TCP and UDP small servers are enabled by default on Cisco IOS
Software Version 11.2 and earlier. They may be disabled using the commands
no service tcp-small-servers and no
service udp-small-servers. They are disabled by default on Cisco
IOS Software Versions 11.3 and later.
It is recommended that you do not enable these services unless it is
absolutely necessary. These services could be exploited indirectly to gain
information about the target system or directly as is the case with the fraggle
attack which uses UDP echo.