Developers Documentation



301 error for file:

User Tools

Site Tools

TCP Timestamp Requests Enabled

Security Metrics may claim that enabled timestamps represent a security vulnerability. In there opinion, knowledge of how long your server has been running is a valuable target.

In the modern era of virtualized servers, content delivery networks and proxied load balancers ClearCenter does not see this as relevant, important, significant or risky.

Please note that there is no CVE associated with this issue nor is there any specific reference to any regulatory requirement to NOT have TCP Timestamps. Additionally, disabling TCP timestamps can adversely affect performance.

ClearCenter response

Short response

Timestamps do not present a security vulnerability.

Long response

Timestamps are essential for optimal performance and do not indicate a specific risk. Moreover, the information associated with timestamps is not an accurate predictor of how long the server has been running but rather how long the network service has been running (i.e. they can be reset by restarting the network service at any time).

Since such information is arbitrary and not predictive and does not represent a specific risk, there is nothing to be done. Moreover, removal will adversely affect performance which will cannot tolerate.


If adverse performance is an acceptable trade-off for removing TCP Timestamps, perform the following:

First, modify the /etc/sysctl.conf file using your favorite command line editor (e.g. nano, vi, or emacs). Add the following line:

net.ipv4.tcp_timestamps = 0

Restart the network service:

service network restart

or you can also reboot the server.

content/en_us/kb_3rdparty_security_metrics_tcp_timestamp_requests_enabled.txt · Last modified: 2015/01/29 09:52 (external edit)