Trying to block TCP timestamp request.

SUSE Linux Enterprise Server SLES Networking
1

Hi,

I am trying to block the tcp timestamp request by adding
net.ipv4.tcp_timestamps = 0 to /etc/sysctl.conf and reboot. However, it
does not seem to work. The system still accepting tcp timestamp request
and replying to it.

sysctl -a | grep timestamp
net.ipv4.tcp_timestamps = 0

cat /proc/sys/net/ipv4/tcp_timestamps
0

using this tool to do tcp timestamp request ( hping3 --tcp-timestamp
HOST_IP )

Thanks

–Guang


guangsu

guangsu’s Profile: http://forums.novell.com/member.php?userid=64346
View this thread: http://forums.novell.com/showthread.php?t=448534

2

On Mon, 21 Nov 2011 23:16:01 GMT
guangsu guangsu@no-mx.forums.novell.com wrote:
[color=blue]

Hi,

I am trying to block the tcp timestamp request by adding
net.ipv4.tcp_timestamps = 0 to /etc/sysctl.conf and reboot. However,
it does not seem to work. The system still accepting tcp timestamp
request and replying to it.

sysctl -a | grep timestamp
net.ipv4.tcp_timestamps = 0

cat /proc/sys/net/ipv4/tcp_timestamps
0

using this tool to do tcp timestamp request ( hping3 --tcp-timestamp
HOST_IP )

Thanks

–Guang

[/color]
Hi
You probably need to add some iptables rules;
http://blog.theroux.ca/security/disable-tcp-timestamps-on-linux/


Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 11.4 (x86_64) Kernel 2.6.37.6-0.9-desktop
up 5 days 3:00, 5 users, load average: 0.02, 0.04, 0.05
GPU GeForce 8600 GTS Silent - Driver Version: 285.05.09