kernel-disable-tcp-timestamps.md

Disable TCP - timestamps

Why ?

When timestamps are enabled, attacker can find out how long 
the system is already running.

By so, he can evtl findout the patch - level of the system.

Test (Centos)

# Enabled 
main (Server):
yum install httpd
systemctl start httpd 
sysctl net.ipv4.tcp_timestamps
net.ipv4.tcp_timestamps = 1
 
secondary (Server):
yum install epel-release
yum install hping3
hping3 -S -p 80  --tcp-timestamp

# now switch it off 
main (server):
sysctl net.ipv4.tcp_timestamps = 0 

secondary (server):
hping3 -S -p 80  --tcp-timestamp

Ref:

https://netsense.ch/blog/tcp-timestamps/