Developers Documentation

×

Warning

301 error for file:https://clearos.com/dokuwiki2/lib/exe/css.php?t=dokuwiki&tseed=82873f9c9a1f5784b951644363f20ef8

User Tools

Site Tools


TCPIP Timestamps Supported

This entry from Security Metrics shows that your server is using TCP/IP timestamps. TCP timestamps are part of best practices as defined in RFC 1323. Additionally, there is a negative impact for disabling this function of the TCP/IP stack.

ClearCenter response

Short response

This portion of the TCP/IP standard protocol is not a specific risk.

Long response

While it is possible to determine server uptime with this method, that is not necessarily an advantage to a hacker. Most services on Linux can be updated without rebooting the server so there isn't an advantage, especially with ClearOS which can update from version to version within a series with a required reboot (all except the kernel is put into effect).

Additionally, because the network stack can be rebooted at ANYTIME this information is not an accurate representation of the actual uptime.

Resolution

No action required.

content/en_us/kb_3rdparty_security_metrics_tcp-ip_timestamps_supported.txt · Last modified: 2015/01/29 09:51 (external edit)

https://clearos.com/dokuwiki2/lib/exe/indexer.php?id=content%3Aen_us%3Akb_3rdparty_security_metrics_tcp-ip_timestamps_supported&1710846676