UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system must not process Internet Control Message Protocol [ICMP] timestamp requests.


Overview

Finding ID Version Rule ID IA Controls Severity
V-67753 AOSX-11-001220 SV-82243r1_rule Medium
Description
ICMP Timestamp requests reveal information about the system and can be used to determine which operating system is installed. Precise time data can also be used to launch time based attacks against the system. Configuring the system to drop incoming ICMPv4 timestamp requests mitigates these risks.
STIG Date
Apple OS X 10.11 Security Technical Implementation Guide 2017-04-06

Details

Check Text ( C-68319r1_chk )
To check if the system is configured to process "ICMP timestamp" requests, run the following command:

sysctl net.inet.icmp.timestamp

If the value is not set to "0", this is a finding.
Fix Text (F-73867r1_fix)
To disable "ICMP timestamp" responses, add the following line to "/etc/sysctl.conf", creating the file if necessary:

net.inet.icmp.timestamp=0