LinuxQuestions.org - Disable ICMP timestamp but echo reply should still be enabled

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - Disable ICMP timestamp but echo reply should still be enabled (https://www.linuxquestions.org/questions/linux-security-4/disable-icmp-timestamp-but-echo-reply-should-still-be-enabled-4175545128/)

depam

06-11-2015 09:47 PM

Disable ICMP timestamp but echo reply should still be enabled

Was wondering if this is possible? I have tried combination of type 13 and 14 DROP and type 0 and 8 ACCEPT but is not working. I can still see TS.

-A INPUT -p ICMP --icmp-type 0 -j ACCEPT
-A INPUT -p ICMP --icmp-type 8 -j ACCEPT
-A INPUT -p ICMP --icmp-type timestamp-request -j DROP
-A INPUT -p ICMP --icmp-type timestamp-reply -j DROP

joec@home

06-12-2015 12:59 PM

What are the exact commands that you are using to test with? For example the default ping on Linux no longer uses ICMP, but now uses a UDP packet.

depam

06-17-2015 09:43 PM

I am using below:

ping -T tsonly IPAddr

All times are GMT -5. The time now is 07:23 AM.