agosto 30, 2010

TCP/IP Timestamps Supported

Mil y una veces nos encontramos con la misma vulnerabilidad en nessus, es realmente tan importante?
TCP/IP Timestamps Supported:

The remote host implements TCP timestamps, as defined by RFC1323.
A side effect of this feature is that the uptime of the remote host can sometimes be computed.

Echando un vistazo por internet nos encontramos con la respuesta

I would question why the tool complained in the first place. The TCP Timestamp option is an integral part of support for "large windows" and if one disables timestamps, one should also disable large window support (aka window scaling) and that would be Bad News (tm) for WAN performance.
The timestamp option is put into place to make certain that the "effective TCP sequence number" does not wrap in the lifetime of a TCP segment out on the network. Without timestamps, if TCP were going faster than a certain rate, it would be possible to wrap its 32-bit sequence number in less than the Maximum Segment Lifetime, and if that happened, there is the possibility of an old, delayed TCP segment being accepted as current data - silent data corruption is the result - unless the application above TCP has some sort of checking going-on. The probabilities may be small, but silent data corruption is Really Bad News (tm).