[
https://issues.apache.org/jira/browse/CLOUDSTACK-5243?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14089105#comment-14089105
]
Daan Hoogland commented on CLOUDSTACK-5243:
-------------------------------------------
is this trivial enough to put in 4.4.1? please comment.
> SSVM responds with timestamp
> ----------------------------
>
> Key: CLOUDSTACK-5243
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5243
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Affects Versions: 4.2.0
> Reporter: John Kinsella
> Labels: security
> Fix For: 4.4.1
>
>
> Scanners report SSVM responded with a TCP timestamp and that “the TCP
> timestamp response can be used to approximate the remote host's uptime,
> potentially aiding in further attacks. Additionally, some operating systems
> can be fingerprinted based on the behavior of their TCP timestamps.” The fix
> is straightforward:
> Set the value of net.ipv4.tcp_timestamps to 0 by running the following
> command:
> sysctl -w net.ipv4.tcp_timestamps=0
> Additionally, put the following value in the default sysctl configuration
> file, generally sysctl.conf:
> net.ipv4.tcp_timestamps=0
> Identified by: Demetrius Tsitrelis from Citrix
--
This message was sent by Atlassian JIRA
(v6.2#6252)
