On Thu, Oct 10, 2013 at 09:21, Илья Шипицин wrote: > it turned out that OpenBSD allows icmp timestamping by default: > > net.inet.icmp.tstamprepl=1 > > what was that done for ?
well, why not? if you have some program vulnerable to a "the attacker knows the time" attack, i don't think turning off icmp timestamps will save you. the attacker could reasonably guess that your system time is going to be close to his system time. unless you are going to deliberately set the clock wrong on all your systems. fixing the vulnerability seems like a better idea.