ID de Prueba:	1.3.6.1.4.1.25623.1.0.80091
Categoría:	General
Título:	TCP Timestamps Information Disclosure
Resumen:	The remote host implements TCP timestamps and therefore allows; to compute the uptime.
Descripción:	Summary: The remote host implements TCP timestamps and therefore allows to compute the uptime. Vulnerability Insight: The remote host implements TCP timestamps, as defined by RFC1323/RFC7323. Vulnerability Impact: A side effect of this feature is that the uptime of the remote host can sometimes be computed. Affected Software/OS: TCP implementations that implement RFC1323/RFC7323. Solution: To disable TCP timestamps on linux add the line 'net.ipv4.tcp_timestamps = 0' to /etc/sysctl.conf. Execute 'sysctl -p' to apply the settings at runtime. To disable TCP timestamps on Windows execute 'netsh int tcp set global timestamps=disabled' Starting with Windows Server 2008 and Vista, the timestamp can not be completely disabled. The default behavior of the TCP/IP stack on this Systems is to not use the Timestamp options when initiating TCP connections, but use them if the TCP peer that is initiating communication includes them in their synchronize (SYN) segment. See the references for more information. CVSS Score: 2.6 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N
Copyright	Copyright (C) 2008 Michel Arboi

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.