Warnaud's Wiki

User Tools

Site Tools

You are here: start » cybersecurity » openvas » fix » icmp
cybersecurity:openvas:fix:icmp

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

cybersecurity:openvas:fix:icmp [2023/11/17 09:04] – created warnaudcybersecurity:openvas:fix:icmp [2023/11/17 09:07] (current) warnaud
Line 1: Line 1:
 +====== ICMP Timestamp ======
 +To fix "ICMP Timestamp Reply Information Disclosure""
  
 +===== Iptable =====
 +
 +<code bash>
 +iptables -A INPUT -p icmp --icmp-type timestamp-request -j DROP
 +iptables -A OUTPUT -p icmp --icmp-type timestamp-reply -j DROP
 +</code>
 +==== Check ====
 +<code bash>iptables -L | grep timestamp</code>
 +<code>
 +DROP       icmp --  anywhere             anywhere             icmp timestamp-request
 +DROP       icmp --  anywhere             anywhere             icmp timestamp-reply
 +</code>
 +
 +===== Firewall-cmd =====
 +<code bash> firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT -5 -p icmp --icmp-type timestamp-request -j DROP</code>
 +
 +Reference: https://www.golinuxcloud.com/disable-icmp-timestamp-responses-in-linux/