Re: [Tails-dev] [review'n'merge:1.2] feature/6579-disable-t…

Supprimer ce message

Répondre à ce message
Auteur: Patrick Schleizer
Date:  
À: tails-dev
Nouveaux-sujets: Re: [Tails-dev] ICMP timestamps [Was: [review'n'merge:1.2] feature/6579-disable-tcp-timestamps]
Sujet: Re: [Tails-dev] [review'n'merge:1.2] feature/6579-disable-tcp-timestamps [Was: Risks of enabled/disabled TCP timestamps?]
Hi,

I haven't found the commit where you actually added
/etc/sysctl.d/tcp_timestamps.conf.

Does this implementation involve anything besides
/etc/sysctl.d/tcp_timestamps.conf?

http://www.tmltechnologies.com/html-2012/index.php/linux-rescue-kits/82-secret/91-disable-tcp-timestamps-on-linux
recommends:

> To be on the safe side, add the following 2 lines to your firewall script:


> iptables -A INPUT -p icmp --icmp-type timestamp-request -j DROP
> iptables -A OUTPUT -p icmp --icmp-type timestamp-reply -j DROP


What do you think?

Cheers,
Patrick