Uploaded image for project: 'CloudStack'
  1. CloudStack
  2. CLOUDSTACK-5243

SSVM responds with timestamp

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 4.2.0
    • 4.4.3
    • None
    • Security Level: Public (Anyone can view this level - this is the default.)

    Description

      Scanners report SSVM responded with a TCP timestamp and that “the TCP timestamp response can be used to approximate the remote host's uptime, potentially aiding in further attacks. Additionally, some operating systems can be fingerprinted based on the behavior of their TCP timestamps.” The fix is straightforward:

      Set the value of net.ipv4.tcp_timestamps to 0 by running the following command:
      sysctl -w net.ipv4.tcp_timestamps=0
      Additionally, put the following value in the default sysctl configuration file, generally sysctl.conf:
      net.ipv4.tcp_timestamps=0

      Identified by: Demetrius Tsitrelis from Citrix

      Attachments

        Activity

          People

            bhaisaab Rohit Yadav
            jlk John Kinsella
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: