topic Thanks. I've read many things in Network Security

Doubt regarding TCP Timestamp response

Soporteco — Tue, 12 Mar 2019 05:04:24 GMT

Hi. I know some forums have been created regarding this issue. I've read many things, nevertheless It's still not very clear to me. A client asked us to give them a recommendation about this vulnerability:

TCP timestamp response

I know this feature can help an attacker to calculate a server's uptime. But, should I recommend them to configure anything in the ASA to mitigate this vulnerability? Clearing TCP timestamps? What's its impact? --> "Clearing the timestamp option disables PAWS and RTT." --> ??

(They have CISCO ASA 9.1(5)10 and CISCO ASA 9.0(1))

Thanks a lot!!

Hi,Check this for more

Vibhor Amrodia — Thu, 13 Nov 2014 02:48:45 GMT

Hi,

Check this for more information:-

https://supportforums.cisco.com/discussion/12323026/tcp-timestamps-security-vulnerabilities

Thanks and Regards,

Vibhor Amrodia

Thanks. I've read many things

Soporteco — Thu, 13 Nov 2014 14:19:16 GMT

Thanks. I've read many things about this. I just need a recommendation because I need to find a balance: I can clear timestamps, using tcp-map, but I've read PAWS is going to be disabled, and this might cause many TCP sessions to be reset.