John Kinsella created CLOUDSTACK-5243:
-----------------------------------------
Summary: SSVM responds with timestamp
Key: CLOUDSTACK-5243
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5243
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Affects Versions: 4.2.0
Reporter: John Kinsella
Fix For: 4.3.0
Scanners report SSVM responded with a TCP timestamp and that “the TCP timestamp
response can be used to approximate the remote host's uptime, potentially
aiding in further attacks. Additionally, some operating systems can be
fingerprinted based on the behavior of their TCP timestamps.” The fix is
straightforward:
Identified by: Demetrius Tsitrelis from Citrix
--
This message was sent by Atlassian JIRA
(v6.1#6144)
