Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-67753 | AOSX-11-001220 | SV-82243r1_rule | Medium |
Description |
---|
ICMP Timestamp requests reveal information about the system and can be used to determine which operating system is installed. Precise time data can also be used to launch time based attacks against the system. Configuring the system to drop incoming ICMPv4 timestamp requests mitigates these risks. |
STIG | Date |
---|---|
Apple OS X 10.11 Security Technical Implementation Guide | 2017-04-06 |
Check Text ( C-68319r1_chk ) |
---|
To check if the system is configured to process "ICMP timestamp" requests, run the following command: sysctl net.inet.icmp.timestamp If the value is not set to "0", this is a finding. |
Fix Text (F-73867r1_fix) |
---|
To disable "ICMP timestamp" responses, add the following line to "/etc/sysctl.conf", creating the file if necessary: net.inet.icmp.timestamp=0 |