How to Disable TCP Timestamps

An attacker may reveal system uptime from TCP Timestamps. This allows the attacker to guess the version of the latest security patches applied to the system.

Instructions to disable Linux Systems

First check if TCP timestamps are enabled in your system:

[root@doc-nginx ~]# sysctl -a | grep net.ipv4.tcp_timestamps
net.ipv4.tcp_timestamps = 1

If you get an integer value other than 0 use the command below to disable TCP timestamps:

echo "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf 

Run the command to apply systctl settings without rebooting:

sysctl -p

and check again:

[root@doc-nginx ~]# sysctl -a | grep net.ipv4.tcp_timestamps
net.ipv4.tcp_timestamps = 0

Instructions to disable for Windows Systems

Run the command below with Administrator Privileges:

netsh int tcp set global timestamps=disabled

You will be prompted with an “Ok.” as the result.