Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3041
Views
4
Helpful
2
Replies

Doubt regarding TCP Timestamp response

Soporteco
Level 1
Level 1

‎11-12-2014 12:38 PM - edited ‎03-11-2019 10:04 PM

Hi. I know some forums have been created regarding this issue. I've read many things, nevertheless It's still not very clear to me. A client asked us to give them a recommendation about this vulnerability:

TCP timestamp response

I know this feature can help an attacker to calculate a server's uptime. But, should I recommend them to configure anything in the ASA to mitigate this vulnerability? Clearing TCP timestamps? What's its impact? --> "Clearing the timestamp option disables PAWS and RTT." --> ??

(They have CISCO ASA 9.1(5)10 and CISCO ASA 9.0(1))

Thanks a lot!!

Labels:
0 Helpful
2 Replies 2

Vibhor Amrodia
Cisco Employee
Cisco Employee

‎11-12-2014 06:48 PM

Hi,

Check this for more information:-

https://supportforums.cisco.com/discussion/12323026/tcp-timestamps-security-vulnerabilities

Thanks and Regards,

Vibhor Amrodia

Soporteco
Level 1
Level 1
In response to Vibhor Amrodia

‎11-13-2014 06:19 AM

Thanks. I've read many things about this. I just need a recommendation because I need to find a balance: I can clear timestamps, using tcp-map, but I've read PAWS is going to be disabled, and this might cause many TCP sessions to be reset.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card