Forum Discussion
Impact of disabling TCP Timestamp in TCP and fasl4 profile
Totally aggre with Paulius. TCP timestamps exist for a reason, and disabling them might degrade performance in a way that would be much more harmful than some exploit that would use those timestamps.
Your risk assessment probably said something like "low risk" but didn't provide much more information, right? Well, the truth is you can't exploit timestamps directly, but they can be used to gather a little more information on a possible target, like operating system or uptime. Keep your systems patched for high/medium security risks and you won't have to worry about this kind of thing.
Here are some useful links:
https://www.ietf.org/rfc/rfc1323.txt
https://raxis.com/blog/2018/06/04/goodies-for-hoodies-tcp-timestamps
https://stackoverflow.com/questions/7880383/what-benefit-is-conferred-by-tcp-timestamp
https://www.rapid7.com/db/vulnerabilities/generic-tcp-timestamp/
/Mike
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com