Cryptzone Support

If you wish to submit a support ticket please sign in to your customer portal or use the “submit a ticket” button at the top menu.
If you need to find documentation about our Sheriff Suite please login to the Hive- Click Here



Timestamps & RFC1323

« Go Back

When performing scans against AppGate, reports will sometimes indicate that the host implements RFC1323 and that timestamps are sent out. This is usually only rated as a low risk.

The identified risks are twofold; an attacker can calculate uptime and therefore may be able to identify machines which have not been maintained or patched for long periods of time; it might be possible to identify alternative IP addresses relating to the same machine which are less well protected.

The upside of using timestamps relates to network performance whereby TCP packets can be quickly identified as being old.

Since an AppGate server is designed to maintain a high security posture over long periods by default, neither of the risks are very relevant and since there may be network performance benefits, timestamps are intentionally enabled. Any such reports in a scan assessment should only be acted upon if there are other extenuating circumstances.

Article Info
1/4/2016 1:25 PM
1/4/2016 1:25 PM



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255