On Thu, Mar 29, 2018 at 01:43:48PM -0400, Richard Sass wrote: > "The remote host implements TCP timestamps, as defined by RFC1323. A > side effect of this feature is that the uptime of the remote host can be > sometimes be computed." > > Additional: http://www.securiteam.com/securitynews/5NP0C153PI.html > > I think the thought behind this is that if a person can determine the uptime > of a system then this might be additional information that could be used to > target an attack. For example: if a system has been up for a year then it > probably hasn't been patched with recent security patches giving the > attacker another piece of information on how to attack the system. I'm not > sure if there may be more to it than that.
Probably no such big deal, but it could be easy to use a per-connection relative timespamp ... just use (uptime - time_of_connection) -- Manuel Bouyer <bou...@antioche.eu.org> NetBSD: 26 ans d'experience feront toujours la difference --