Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

Vulnerability Scanning - TCP timestamp response

[ Edited ]
New Member
Posts: 2
16381     0

Hi All,

 

I would like to ssek your assistance on the following vunerability:

 

TCP timestamp response (generic-tcp-timestamp)

 

Description:

 

The remote host responded with a TCP timestamp. The TCP timestamp response can be used to approximate the remote host's uptime, potentially aiding in further attacks. Additionally, some operating systems can be fingerprinted based on the behavior of their TCP timestamps.

 

Is there any documentation or guide to disable the TCP timestamp on Infoblox appliances? Is this the best practise recommended by Infoblox? 

 

Thanks,

Victor

Re: Vulnerability Scanning - TCP timestamp response

[ Edited ]
Authority
Posts: 14
16382     0

I believe the feature to disable TCP timestamps is coming in nios 8.4.

I would a suggest contacting your SE for more info on this feature and the pros and cons to using it.

Re: Vulnerability Scanning - TCP timestamp response

Authority
Posts: 14
16382     0

This is RFE-1174 for those interested.  This feature was included in the NIOS 8.4-EA code so it is pretty safe to say it will be delivered as part of the GA NIOS 8.4.0 release.

Re: Vulnerability Scanning - TCP timestamp response

[ Edited ]
New Member
Posts: 1
16382     0

This is absolutely true that the TCP timestamp response can be used to approximate the remote host's uptime.

 

<External link removed -Moderator>

Re: Vulnerability Scanning - TCP timestamp response

New Member
Posts: 2
16382     0

Thanks for the info. 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You

NIOS 8.6.3 – What’s New in DDI