Cryptzone Support

 
If you wish to submit a support ticket please sign in to your customer portal or use the “submit a ticket” button at the top menu.
If you need to find documentation about our Sheriff Suite please login to the Hive- Click Here

 

Article

Timestamps & RFC1323

« Go Back

Information

 
Article Number000001994
Article

When performing scans against AppGate, reports will sometimes indicate that the host implements RFC1323 and that timestamps are sent out. This is usually only rated as a low risk.

The identified risks are twofold; an attacker can calculate uptime and therefore may be able to identify machines which have not been maintained or patched for long periods of time; it might be possible to identify alternative IP addresses relating to the same machine which are less well protected.

The upside of using timestamps relates to network performance whereby TCP packets can be quickly identified as being old.

Since an AppGate server is designed to maintain a high security posture over long periods by default, neither of the risks are very relevant and since there may be network performance benefits, timestamps are intentionally enabled. Any such reports in a scan assessment should only be acted upon if there are other extenuating circumstances.

Related File 
Additional Files 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255