none
ICMP Timestamp Response

Respostas

Todas as Respostas

  • Run command prompt as an administrator

    type in this command: "netsh firewall set icmpsetting 13 disabled"

    that will block outgoing time stamp responses from your system

    terça-feira, 3 de janeiro de 2012 00:51
  • Here is how to filter out the ICMP timestamp requests (type 13) and replies (type 14) based on your platform:

    • HP-UX

    Execute the following command: ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

    • Cisco IOS

    Use ACLs to block ICMP types 13 and 14. For example: deny icmp any any 13 deny icmp any any 14

    Note that it is generally preferable to use ACLs that block everything by default and then selectively allow certain types of traffic in. For example, block everything and then only allow ICMP unreachable, ICMP echo reply, ICMP time exceeded, and ICMP source quench: permit icmp any any unreachable permit icmp any any echo-reply permit icmp any any time-exceeded permit icmp any any source-quench

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

    • SGI Irix

    IRIX does not offer a way to disable ICMP timestamp responses. Therefore, you should block ICMP on the affected host using ipfilterd, and/or block it at any external firewalls. The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

    • Linux

    Linux offers neither a sysctl nor a /proc/sys/net/ipv4 interface to disable ICMP timestamp responses. Therefore, you should block ICMP on the affected host using iptables, and/or block it at the firewall. For example: ipchains -A input -p icmp --icmp-type timestamp-request -j DROP ipchains -A output -p icmp --icmp-type timestamp-reply -j DROP

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

    • Microsoft Windows NT, Microsoft Windows NT Workstation, Microsoft Windows NT Server, Microsoft Windows NT Advanced Server, Microsoft Windows NT Server, Enterprise Edition, Microsoft Windows NT Server, Terminal Server Edition

    Windows NT does not provide a way to block ICMP packets. Therefore, you should block them at the firewall.

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

    • OpenBSD

    Set the "net.inet.icmp.tstamprepl" sysctl variable to 0. sysctl -w net.inet.icmp.tstamprepl=0

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

    • Cisco PIX

    A properly configured PIX firewall should never respond to ICMP packets on its external interface. In PIX Software versions 4.1(6) until 5.2.1, ICMP traffic to the PIX's internal interface is permitted; the PIX cannot be configured to NOT respond. Beginning in PIX Software version 5.2.1, ICMP is still permitted on the internal interface by default, but ICMP responses from its internal interfaces can be disabled with the icmp command, as follows, where is the name of the internal interface: icmp deny any 13 icmp deny any 14

    Don't forget to save the configuration when you are finished.

    See Cisco's support document Handling ICMP Pings with the PIX Firewall for more information. The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

    • Sun Solaris

    Execute the following commands: /usr/sbin/ndd -set /dev/ip ip_respond_to_timestamp 0 /usr/sbin/ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

    • Microsoft Windows 2000, Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server

    Use the IPSec filter feature to define an apply an IP filter list that blocks ICMP types 13 and 14. Note that the standard TCP/IP blocking capability under the "Networking and Dialup Connections" control panel is NOT capable of blocking ICMP (only TCP and UDP). The IPSec filter features, while they may seem strictly related to the IPSec standards, will allow you to selectively block these ICMP packets.

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

    • Microsoft Windows 7, Microsoft Windows 7 Home, Microsoft Windows 7 Professional, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Data center Edition, Microsoft Windows Server 2003, Web Edition, Microsoft Windows Small Business Server 2003

    ICMP timestamp responses can be disabled by deselecting the "allow incoming timestamp request" option in the ICMP configuration panel of Windows Firewall.

    Go to the Network Connections control panel.

    Right click on the network adapter and select "properties", or select the internet adapter and Select File->Properties. Select the "Advanced" tab.

    In the Windows Firewall box, select "Settings".

    Select the "General" tab.

    Enable the firewall by selecting the "on (recommended)" option.

    Select the "Advanced" tab.

    In the ICMP box, select "Settings".

    uncheck the "Allow incoming timestamp request" option.

    Select "OK" to exit the ICMP Settings dialog and save the settings. Select "OK" to exit the Windows Firewall dialog and save the settings. Select "OK" to exit the internet adapter dialog.


    • Microsoft Windows Vista, Microsoft Windows Vista Home, Basic Edition, Microsoft Windows Vista Home, Basic N Edition, Microsoft Windows Vista Home, Premium Edition, Microsoft Windows Vista Ultimate Edition, Microsoft Windows Vista Enterprise Edition, Microsoft Windows Vista Business Edition, Microsoft Windows Vista Business N Edition, Microsoft Windows Vista Starter Edition, Microsoft Windows Server 2008, Microsoft Windows Server 2008 Standard Edition, Microsoft Windows Server 2008 Enterprise Edition, Microsoft Windows Server 2008 Datacenter Edition, Microsoft Windows Server 2008 HPC Edition, Microsoft Windows Server 2008 Web Edition, Microsoft Windows Server 2008 Storage Edition, Microsoft Windows Small Business Server 2008, Microsoft Windows Essential Business Server 2008

    ICMP timestamp responses can be disabled via the netsh command line utility.

    Go to the Windows Control Panel.

    Select "Windows Firewall".

    In the Windows Firewall box, select "Change Settings".

    Enable the firewall by selecting the "on (recommended)" option.

    Open a Command Prompt.

    Enter "netsh firewall set icmpsetting 13 disable"

    terça-feira, 31 de dezembro de 2013 14:05