Re: [Tails-dev] [review'n'merge:1.2] feature/6579-disable-t…

Delete this message

Reply to this message
Author: Patrick Schleizer
Date:  
To: tails-dev
New-Topics: Re: [Tails-dev] ICMP timestamps [Was: [review'n'merge:1.2] feature/6579-disable-tcp-timestamps]
Subject: Re: [Tails-dev] [review'n'merge:1.2] feature/6579-disable-tcp-timestamps [Was: Risks of enabled/disabled TCP timestamps?]
Hi,

I haven't found the commit where you actually added
/etc/sysctl.d/tcp_timestamps.conf.

Does this implementation involve anything besides
/etc/sysctl.d/tcp_timestamps.conf?

http://www.tmltechnologies.com/html-2012/index.php/linux-rescue-kits/82-secret/91-disable-tcp-timestamps-on-linux
recommends:

> To be on the safe side, add the following 2 lines to your firewall script:


> iptables -A INPUT -p icmp --icmp-type timestamp-request -j DROP
> iptables -A OUTPUT -p icmp --icmp-type timestamp-reply -j DROP


What do you think?

Cheers,
Patrick