Learn How We Can Help You Keep Teleworkers Protected During the COVID-19 Crisis

DNS DHCP IPAM

Reply
Highlighted
Accepted Solution

Vulnerability Scanning - TCP timestamp response

[ Edited ]
Techie
Posts: 3
6782     0

Hi All,

 

I would like to ssek your assistance on the following vunerability:

 

TCP timestamp response (generic-tcp-timestamp)

 

Description:

 

The remote host responded with a TCP timestamp. The TCP timestamp response can be used to approximate the remote host's uptime, potentially aiding in further attacks. Additionally, some operating systems can be fingerprinted based on the behavior of their TCP timestamps.

 

Is there any documentation or guide to disable the TCP timestamp on Infoblox appliances? Is this the best practise recommended by Infoblox? 

 

Thanks,

Victor

Highlighted

Re: Vulnerability Scanning - TCP timestamp response

[ Edited ]
Authority
Posts: 45
6782     0

I believe the feature to disable TCP timestamps is coming in nios 8.4.

I would a suggest contacting your SE for more info on this feature and the pros and cons to using it.

Highlighted

Re: Vulnerability Scanning - TCP timestamp response

Authority
Posts: 45
6782     0

This is RFE-1174 for those interested.  This feature was included in the NIOS 8.4-EA code so it is pretty safe to say it will be delivered as part of the GA NIOS 8.4.0 release.

Highlighted

Re: Vulnerability Scanning - TCP timestamp response

[ Edited ]
Techie
Posts: 1
6782     0

This is absolutely true that the TCP timestamp response can be used to approximate the remote host's uptime.

 

<External link removed -Moderator>

Highlighted

Re: Vulnerability Scanning - TCP timestamp response

Techie
Posts: 3
6782     0

Thanks for the info. 

Showing results for 
Search instead for 
Do you mean 

Recommended for You