11-12-2014 12:38 PM - edited 03-11-2019 10:04 PM
Hi. I know some forums have been created regarding this issue. I've read many things; nevertheless, it's still not very clear to me. A client asked us to give them a recommendation about this vulnerability:
TCP timestamp response
I know this feature can help an attacker to calculate a server's uptime. But, should I recommend them to configure anything in the ASA to mitigate this vulnerability? Clearing TCP timestamps? What's its impact? --> "Clearing the timestamp option disables PAWS and RTT." --> ??
(They have CISCO ASA 9.1(5)10 and CISCO ASA 9.0(1))
Thanks a lot!!
11-12-2014 06:48 PM
Hi,
Check this for more information:-
https://supportforums.cisco.com/discussion/12323026/tcp-timestamps-security-vulnerabilities
Thanks and Regards,
Vibhor Amrodia
11-13-2014 06:19 AM
Thanks. I've read many things about this. I just need a recommendation because I need to find a balance: I can clear timestamps, using tcp-map, but I've read PAWS is going to be disabled, and this might cause many TCP sessions to be reset.
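What PAWS does, and what a receiver loses when the timestamp option is cleared in transit, as an added Python example that is not part of the original thread. It is a simplified receiver model after RFC 7323; the `Receiver` class, window size and sample values are constructed, and RST handling and the idle-connection exception are omitted.

```python
# Added illustration, not from the thread: simplified PAWS check after RFC 7323.
MOD = 1 << 32

def ts_before(a, b):
    """True if 32-bit timestamp a is older than b (wraparound-safe compare)."""
    return a != b and ((a - b) % MOD) >= (1 << 31)

def in_window(seq, rcv_nxt, rcv_wnd):
    """Sequence check: seq lies in [rcv_nxt, rcv_nxt + rcv_wnd) modulo 2**32."""
    return ((seq - rcv_nxt) % MOD) < rcv_wnd

class Receiver:
    """Hypothetical receiver model; only in-order data advances its state."""
    def __init__(self, rcv_nxt, rcv_wnd, use_timestamps):
        self.rcv_nxt, self.rcv_wnd = rcv_nxt, rcv_wnd
        self.use_timestamps = use_timestamps
        self.ts_recent = None  # last TSval seen on an in-order segment

    def accept(self, seq, length, tsval=None):
        if not in_window(seq, self.rcv_nxt, self.rcv_wnd):
            return "drop: out of window"
        checks_ts = self.use_timestamps and tsval is not None
        if checks_ts and self.ts_recent is not None and ts_before(tsval, self.ts_recent):
            return "drop: PAWS"  # older timestamp than the last one accepted
        if seq == self.rcv_nxt:
            self.rcv_nxt = (self.rcv_nxt + length) % MOD
            if checks_ts:
                self.ts_recent = tsval
        return "accept"

def stale_duplicate_outcome(use_timestamps):
    """Replay an old segment after the sequence space has wrapped (constructed values)."""
    r = Receiver(rcv_nxt=1000, rcv_wnd=65535, use_timestamps=use_timestamps)
    first_ts = 50 if use_timestamps else None   # None models a cleared option
    r.accept(1000, 500, tsval=first_ts)         # the original segment
    # Constructed fast-forward: 2**32 bytes later, sequence 1000 is valid again.
    r.rcv_nxt = 1000
    if use_timestamps:
        r.ts_recent = 9000                      # the sender's clock has moved on
    return r.accept(1000, 500, tsval=first_ts)  # delayed duplicate arrives

if __name__ == "__main__":
    print("timestamps kept:   ", stale_duplicate_outcome(True))
    print("timestamps cleared:", stale_duplicate_outcome(False))
```

The model covers only the PAWS half of the quoted statement; round-trip time measurement from timestamps is not modelled here.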