1
We have a virtual system running Windows Server 2008 R2, and it responds on TCP port 7 (echo). (I.e, in response to a SYN it sends ACK,RST, which is enough to make InetAddress#isReachable() return true
.)
However, this system does not have the 'Simple TCP/IP services' feature enabled. And checking netstat -a
, there is nothing listening on port 7.
So who is responding to the TCP echo requests?
Note that a physical Windows 7 system, which also does not have 'Simple TCP/IP services' enabled, does not respond (as expected). And switching on that feature and starting the corresponding Windows service makes netstat -a
show
TCP 0.0.0.0:7 WINDOWS7HOSTNAME:0 LISTENING
(again: as expected).
As far as we've seen now, our Windows Server 2008 / 2008 R2 systems (which are all virtual) respond unexpectedly, and the Windows 7 systems (which are all physical and don't have 'Simple TCP/IP services' enabled) do not respond, as expected.
My question: why does a virtual system running Windows Server respond on TCP echo port 7, without 'Simple TCP/IP services' enabled?
Could this be caused by the virtualization software (which I think is VMware ESX)? Or is this a feature in Windows Server editions? What other cause could there be?