> > it turned out that OpenBSD allows icmp timestamping by default:
> >
> > net.inet.icmp.tstamprepl=1
> >
> > what was that done for?
>
> well, why not?
>
> if you have some program vulnerable to a "the attacker knows the time"
> attack, i don't think turning off icmp timestamps will save you. the
> attacker could reasonably guess that your system time is going to be
> close to his system time. unless you are going to deliberately set the
> clock wrong on all your systems. fixing the vulnerability seems like a
> better idea.

there is also this thing called ntp that is becoming rather common. if you're not doing time distribution to your systems, ah, i see the problem.