On Mon, May 13, 2019 at 09:33:13AM +0800, Weilong Chen wrote: > The remote host answers to an ICMP timestamp request. > This allows an attacker to know the time and date on your host.
Why is that a problem? If it is, does it also mean that it is a security problem to have your time in sync (because then the attacker doesn't even need ICMP timestamps to know the time and date on your host)? > This path is an another way contrast to iptables rules: > iptables -A input -p icmp --icmp-type timestamp-request -j DROP > iptables -A output -p icmp --icmp-type timestamp-reply -j DROP > > Default is disabled to improve security. If we need a sysctl for this (and I'm not convinced we do), I would prefer preserving current behaviour by default. Michal Kubecek
