Community Member

TCP timestamps security vulnerabilities

On my ASA 5520 with version 9.1(2)8 I am getting a warning about tcp timestamps when running the external security scan. 

"It was detected that the host implements RFC1323"

Solution = Disable TCP timestamps


Please correct me if I am wrong, from what I can tell the security issues in RFC1323 have been fixed by RFC1948 and that has been obsoleted by RFC6528. But RFC1323 has been obsoleted by RFC7323, though RFC7323 was just released this September.

What should I do to eliminate my risk? Can I configure something on the ASA to use RFC1948 or 6528? Do I just have to disable TCP timestamps altogether?

I found this page on clearing TCP timestamps, but that disables PAWS.

Thanks for any advice.

Cisco Employee

Hi,

You would have to disable the time stamp to check for this RFC1323.

Check this on how to do it on the ASA device:-

Also check this for more information:-

Thanks and Regards,

Vibhor Amrodia

Community Member

I have done some more reading and found a couple of things about TCP Normalization and Randomization that can be configured on the ASA. Does anyone have any experience with that? Maybe it will help?
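
The TCP normalization feature raised in this thread is configured on the ASA through a `tcp-map`. The following is an added example, not taken from any post in the thread or from the pages the posters linked, showing one way to clear the timestamp option on TCP connections passing through the ASA. The names `TSTAMP-CLEAR` and `ALL-TRAFFIC` are hypothetical, and it assumes the default `global_policy` is already applied globally.

```cisco
! Added example: names TSTAMP-CLEAR and ALL-TRAFFIC are hypothetical.
!
! The TCP normalizer default is to allow the timestamp option.
! "clear" removes the option from the TCP header of matching connections.
! Side effect noted in the thread: with the option removed, the endpoints
! can no longer use PAWS (or timestamp-based RTT measurement) on those
! connections.
tcp-map TSTAMP-CLEAR
 tcp-options timestamp clear
!
! Select the traffic the tcp-map applies to. "match any" covers all
! through-the-box traffic; match an access-list instead to limit the
! change to the scanned hosts.
class-map ALL-TRAFFIC
 match any
!
! Attach the tcp-map to the class inside the existing global policy
! (assumed to be the default global_policy).
policy-map global_policy
 class ALL-TRAFFIC
  set connection advanced-options TSTAMP-CLEAR
!
! Only needed if global_policy is not already applied:
! service-policy global_policy global
!
! Review the result:
! show running-config tcp-map
! show service-policy
```

The normalizer acts on connections passing through the ASA, so rerun the external scan afterwards to confirm the finding is gone for the address that was flagged.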
