Resetting tcp timestamp

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



TCP timestamps on some (but not all?) of our CentOs hosts are being
reported as a vulnerability by OSSIM.  I have looked into the matter
briefly and cannot say that I consider this a serious security issue.

The vulnerability seems limited to determining the uptime of the
target host. The question therefore arises as to whether or not there
is any way to reset the tcp timestamp present value to zero or some
randomly determined value.  If not then what are the technical
impediments?

I am cognisant of the role of tcp timestamps in handling serial number
rollovers.  However, since the timestamp itself also must rollover,
given sufficient uptime (~288 days I believe I read), what prevents
one from manually forcing that event?  Is there such a means provided
in CentOS6?


-- 
***          e-Mail is NOT a SECURE channel          ***
        Do NOT transmit sensitive data via e-Mail
James B. Byrne                mailto:ByrneJB@xxxxxxxxxxxxx
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux