Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-256576 | PHTN-30-000107 | SV-256576r887402_rule | Medium |
Description |
---|
TCP timestamps are used to provide protection against wrapped sequence numbers. It is possible to calculate system uptime (and boot time) by analyzing TCP timestamps. These calculated uptimes can help a bad actor in determining likely patch levels for vulnerabilities. |
STIG | Date |
---|---|
VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide | 2023-12-01 |
Check Text ( C-60251r887400_chk ) |
---|
At the command line, run the following command: # /sbin/sysctl -a --pattern "net.ipv4.tcp_timestamps$" Expected result: net.ipv4.tcp_timestamps = 1 If the output does not match the expected result, this is a finding. |
Fix Text (F-60194r887401_fix) |
---|
At the command line, run the following commands: # sed -i -e "/^net.ipv4.tcp_timestamps/d" /etc/sysctl.conf # echo net.ipv4.tcp_timestamps=1>>/etc/sysctl.conf # /sbin/sysctl --load |