An attacker may reveal system uptime from TCP Timestamps. This allows the attacker to guess the version of the latest security patches applied to the system.
Instructions to disable Linux Systems
First check if TCP timestamps are enabled in your system:
[root@doc-nginx ~]# sysctl -a | grep net.ipv4.tcp_timestamps
net.ipv4.tcp_timestamps = 1If you get an integer value other than 0 use the command below to disable TCP timestamps:
echo "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf Run the command to apply systctl settings without rebooting:
sysctl -pand check again:
[root@doc-nginx ~]# sysctl -a | grep net.ipv4.tcp_timestamps
net.ipv4.tcp_timestamps = 0Instructions to disable for Windows Systems
Run the command below with Administrator Privileges:
netsh int tcp set global timestamps=disabledYou will be prompted with an “Ok.” as the result.