http://wiki.lordwektabyte.cat/index.php?action=history&feed=atom&title=ASIX%2FM17%2FUF2%2FPT1
ASIX/M17/UF2/PT1 - Historial de revisió
2026-05-04T11:35:56Z
Historial de revisió per a aquesta pàgina del wiki
MediaWiki 1.34.0
http://wiki.lordwektabyte.cat/index.php?title=ASIX/M17/UF2/PT1&diff=5198&oldid=prev
Guillem: Guillem ha mogut M17/UF2/PT1 a ASIX/M17/UF2/PT1 sense deixar una redirecció: Crear subnivell ASIX
2020-04-15T11:34:28Z
<p>Guillem ha mogut <a href="/index.php?title=M17/UF2/PT1&action=edit&redlink=1" class="new" title="M17/UF2/PT1 (encara no existeix)">M17/UF2/PT1</a> a <a href="/wiki/ASIX/M17/UF2/PT1" title="ASIX/M17/UF2/PT1">ASIX/M17/UF2/PT1</a> sense deixar una redirecció: Crear subnivell ASIX</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<tr class="diff-title" lang="ca">
<td colspan="1" style="background-color: #fff; color: #222; text-align: center;">← Versió més antiga</td>
<td colspan="1" style="background-color: #fff; color: #222; text-align: center;">Revisió del 11:34, 15 abr 2020</td>
</tr><tr><td colspan="2" class="diff-notice" lang="ca"><div class="mw-diff-empty">(Cap diferència)</div>
</td></tr></table>
Guillem
http://wiki.lordwektabyte.cat/index.php?title=ASIX/M17/UF2/PT1&diff=3868&oldid=prev
Guillem a 15:58, 1 març 2019
2019-03-01T15:58:43Z
<p></p>
<a href="http://wiki.lordwektabyte.cat/index.php?title=ASIX/M17/UF2/PT1&diff=3868&oldid=3867">Mostra els canvis</a>
Guillem
http://wiki.lordwektabyte.cat/index.php?title=ASIX/M17/UF2/PT1&diff=3867&oldid=prev
Guillem a 15:58, 1 març 2019
2019-03-01T15:58:17Z
<p></p>
<a href="http://wiki.lordwektabyte.cat/index.php?title=ASIX/M17/UF2/PT1&diff=3867&oldid=3866">Mostra els canvis</a>
Guillem
http://wiki.lordwektabyte.cat/index.php?title=ASIX/M17/UF2/PT1&diff=3866&oldid=prev
Guillem a 15:52, 1 març 2019
2019-03-01T15:52:12Z
<p></p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="ca">
<td colspan="2" style="background-color: #fff; color: #222; text-align: center;">← Versió més antiga</td>
<td colspan="2" style="background-color: #fff; color: #222; text-align: center;">Revisió del 15:52, 1 març 2019</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1" >Línia 1:</td>
<td colspan="2" class="diff-lineno">Línia 1:</td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"><source></ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>I Summary</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>I Summary</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>=========</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>=========</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l321" >Línia 321:</td>
<td colspan="2" class="diff-lineno">Línia 322:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Other:</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Other:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div> http://www.ietf.org/rfc/rfc1323.txt</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div> http://www.ietf.org/rfc/rfc1323.txt</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></source></ins></div></td></tr>
</table>
Guillem
http://wiki.lordwektabyte.cat/index.php?title=ASIX/M17/UF2/PT1&diff=3865&oldid=prev
Guillem a 15:51, 1 març 2019
2019-03-01T15:51:57Z
<p></p>
<a href="http://wiki.lordwektabyte.cat/index.php?title=ASIX/M17/UF2/PT1&diff=3865&oldid=3864">Mostra els canvis</a>
Guillem
http://wiki.lordwektabyte.cat/index.php?title=ASIX/M17/UF2/PT1&diff=3864&oldid=prev
Guillem: Es crea la pàgina amb «<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UT...».
2019-03-01T15:50:33Z
<p>Es crea la pàgina amb «<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UT...».</p>
<p><b>Pàgina nova</b></p><div><!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><br />
<html><br />
<head><br />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><br />
<style><br />
body {<br />
background-color: #FFFFFF;<br />
margin: 0px;<br />
font: small Verdana, sans-serif;<br />
font-size: 12px;<br />
color: #1A1A1A;<br />
}<br />
<br />
div.content {<br />
width: 98%;<br />
align: center;<br />
margin-left: auto;<br />
margin-right: auto;<br />
}<br />
<br />
tr.table_head {<br />
background-color: #d5d5d5;<br />
}<br />
<br />
.diff {<br />
white-space: pre;<br />
font-family: monospace;<br />
}<br />
<br />
.diff.at {<br />
color: #9932CC;<br />
}<br />
<br />
.diff.plus {<br />
color: #006400;<br />
}<br />
<br />
.diff.minus {<br />
color: #B22222;<br />
}<br />
<br />
div.footer {<br />
text-align: center;<br />
}<br />
<br />
div.note, div.override {<br />
padding:4px;<br />
margin:3px;<br />
margin-bottom:0px;<br />
margin-top:0px;<br />
border: 1px solid #CCCCCC;<br />
border-top: 0px;<br />
background-color: #ffff90;<br />
}<br />
<br />
.result_head {<br />
padding:4px;<br />
margin:3px;<br />
margin-bottom:0px;<br />
color: #FFFFFF;<br />
border: 1px solid #CCCCCC;<br />
border-bottom: 0px;<br />
background:#d5d5d5;<br />
}<br />
<br />
.result_head.low {<br />
background:#539dcb<br />
}<br />
<br />
.result_head.medium {<br />
background:#f99f31<br />
}<br />
<br />
.result_head.high {<br />
background:#cb1d17<br />
}<br />
<br />
.result_section {<br />
padding:4px;<br />
margin:3px;<br />
margin-bottom:0px;<br />
margin-top:0px;<br />
border: 1px solid #CCCCCC;<br />
border-top: 0px;<br />
}<br />
<br />
.location_float {<br />
float: right;<br />
text-align:right;<br />
}<br />
<br />
.delta_float {<br />
float: left;<br />
font-size: 24px;<br />
border: 2px;<br />
padding-left: 2px;<br />
padding-right: 8px;<br />
margin:0px;<br />
}<br />
<br />
.full_width {<br />
width: 100%;<br />
}<br />
<br />
pre {<br />
white-space: pre-wrap;<br />
word-wrap: break-word;<br />
}<br />
</style><br />
<title>Scan Report</title><br />
</head><br />
<body><div class="content"><br />
<h1>Summary</h1><br />
<p><br />
This document reports on the results of an automatic security scan.<br />
The report first summarises the results found. Then, for each host,<br />
the report describes every issue found. Please consider the<br />
advice given in each description, in order to rectify the issue.<br />
</p><br />
<p><br />
Vendor security updates are not trusted.<br />
</p><br />
<p><br />
Overrides are on. When a result has an override, this report uses the threat of the override.<br />
</p><br />
<p><br />
Information on overrides is included in the report.<br />
</p><br />
<p><br />
Notes are included in the report.<br />
</p><br />
<p><br />
This report might not show details of all issues that were found.<br />
<br />
It only lists hosts that produced issues.<br />
<br />
Issues with the threat level "Log" are not shown.<br />
<br />
Issues with the threat level "Debug" are not shown.<br />
<br />
Issues with the threat level "False Positive" are not shown.<br />
Only results with a minimum QoD of 70 are shown. </p><br />
<p>This report contains all 5 results selected by the filtering described above. Before filtering there were 155 results.</p><br />
<p>All dates are displayed using the timezone "Coordinated Universal Time", which is abbreviated "UTC".</p><br />
<table><br />
<tr><br />
<td>Scan started:</td><br />
<td><b>Fri Mar 1 14:54:15 2019 UTC</b></td><br />
</tr><br />
<tr><br />
<td>Scan ended:</td><br />
<td>Fri Mar 1 15:41:58 2019 UTC</td><br />
</tr><br />
<tr><br />
<td>Task:</td><br />
<td>Nose OVA</td><br />
</tr><br />
</table><br />
<h2>Host Summary</h2><br />
<table width="100%"><br />
<tr class="table_head"><br />
<td>Host</td><br />
<td>Start</td><br />
<td>End</td><br />
<td>High</td><br />
<td>Medium</td><br />
<td>Low</td><br />
<td>Log</td><br />
<td>False Positive</td><br />
</tr><br />
<tr><br />
<td><a href="#10.17.3.6">10.17.3.6</a></td><br />
<td>Mar 1, 15:21:42</td><br />
<td>Mar 1, 15:41:58</td><br />
<td>0</td><br />
<td>3</td><br />
<td>2</td><br />
<td>0</td><br />
<td>0</td><br />
</tr><br />
<tr><br />
<td>Total: 1</td><br />
<td></td><br />
<td></td><br />
<td>0</td><br />
<td>3</td><br />
<td>2</td><br />
<td>0</td><br />
<td>0</td><br />
</tr><br />
</table><br />
<h1>Results per Host</h1><br />
<h2 id="10.17.3.6">Host 10.17.3.6</h2><br />
<table><br />
<tr><br />
<td>Scanning of this host started at:</td><br />
<td>Fri Mar 1 15:21:42 2019 UTC</td><br />
</tr><br />
<tr><br />
<td>Number of results:</td><br />
<td>5</td><br />
</tr><br />
</table><br />
<h3>Port Summary for Host 10.17.3.6</h3><br />
<table width="100%"><br />
<tr class="table_head"><br />
<td>Service (Port)</td><br />
<td>Threat Level</td><br />
</tr><br />
<tr><br />
<td>general/tcp</td><br />
<td>Low</td><br />
</tr><br />
<tr><br />
<td>80/tcp</td><br />
<td>Medium</td><br />
</tr><br />
<tr><br />
<td>22/tcp</td><br />
<td>Medium</td><br />
</tr><br />
</table><br />
<h3>Security Issues for Host 10.17.3.6</h3><br />
<div class="result_head medium"><br />
<div class="location_float">80/tcp</div><br />
<b>Medium</b><br />
(CVSS: 5.8)<br />
<div class="full_width"><br />
NVT:<br />
HTTP Debugging Methods (TRACE/TRACK) Enabled<br />
(OID: 1.3.6.1.4.1.25623.1.0.11213)<br />
</div><br />
</div><br />
<div class="result_section"><br />
<b>Summary</b><p>Debugging functions are enabled on the remote web server.</p><br />
<p> The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK<br />
are HTTP methods which are used to debug web server connections.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Detection Result</b><pre>The web server has the following HTTP methods enabled: TRACE</pre><br />
</div><br />
<div class="result_section"><br />
<b>Impact</b><p>An attacker may use this flaw to trick your legitimate web users to give<br />
him their credentials.</p><br />
</div><br />
<div class="result_section"><br />
<b>Solution</b><p><b>Solution type: </b>Mitigation</p><br />
<p>Disable the TRACE and TRACK methods in your web server configuration.</p><br />
<p> Please see the manual of your web server or the references for more information.</p><br />
</div><br />
<div class="result_section"><br />
<b>Affected Software/OS</b><p>Web servers with enabled TRACE and/or TRACK methods.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Insight</b><p>It has been shown that web servers supporting this methods are<br />
subject to cross-site-scripting attacks, dubbed XST for Cross-Site-Tracing, when used in<br />
conjunction with various weaknesses in browsers.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Detection Method</b><p><br />
Details:<br />
HTTP Debugging Methods (TRACE/TRACK) Enabled<br />
(OID: 1.3.6.1.4.1.25623.1.0.11213)<br />
</p><br />
<p><br />
Version used: $Revision: 10828 $</p><br />
</div><br />
<div class="result_section"><br />
<b>References</b><br><p><table><br />
<tr valign="top"><br />
<td>CVE:</td><br />
<td>CVE-2003-1567, CVE-2004-2320, CVE-2004-2763, CVE-2005-3398, CVE-2006-4683, CVE-2007-3008, CVE-2008-7253, CVE-2009-2823, CVE-2010-0386, CVE-2012-2223, CVE-2014-7883</td><br />
</tr><br />
<tr valign="top"><br />
<td>BID:</td><br />
<td>9506, 9561, 11604, 15222, 19915, 24456, 33374, 36956, 36990, 37995</td><br />
</tr><br />
<tr valign="top"><br />
<td>CERT:</td><br />
<td>CB-K14/0981, DFN-CERT-2014-1018, DFN-CERT-2010-0020</td><br />
</tr><br />
<tr valign="top"><br />
<td>Other:</td><br />
<td>http://www.kb.cert.org/vuls/id/288308</td><br />
</tr><br />
<tr valign="top"><br />
<td></td><br />
<td>http://www.kb.cert.org/vuls/id/867593</td><br />
</tr><br />
<tr valign="top"><br />
<td></td><br />
<td>http://httpd.apache.org/docs/current/de/mod/core.html#traceenable</td><br />
</tr><br />
<tr valign="top"><br />
<td></td><br />
<td>https://www.owasp.org/index.php/Cross_Site_Tracing</td><br />
</tr><br />
</table></p><br />
</div><br />
<div class="result_head medium"><br />
<div class="location_float">80/tcp</div><br />
<b>Medium</b><br />
(CVSS: 5.0)<br />
<div class="full_width"><br />
NVT:<br />
Linux Home Folder Accessible<br />
(OID: 1.3.6.1.4.1.25623.1.0.111108)<br />
</div><br />
</div><br />
<div class="result_section"><br />
<b>Summary</b><p>The script attempts to identify files of a linux home folder accessible<br />
at the webserver.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Detection Result</b><pre>The following files were identified:<br />
<br />
http://10.17.3.6/.bash_history</pre><br />
</div><br />
<div class="result_section"><br />
<b>Impact</b><p>Based on the information provided in this files an attacker might<br />
be able to gather additional info.</p><br />
</div><br />
<div class="result_section"><br />
<b>Solution</b><p><b>Solution type: </b>Mitigation</p><br />
<p>A users home folder shouldn't be accessible via a webserver. Restrict access to it or remove it completely.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Insight</b><p>Currently the script is checking for the following files:</p><br />
<p> - /.ssh/authorized_keys</p><br />
<p> - /.ssh/known_hosts</p><br />
<p> - /.ssh/identity</p><br />
<p> - /.ssh/id_rsa</p><br />
<p> - /.ssh/id_rsa.pub</p><br />
<p> - /.ssh/id_dsa</p><br />
<p> - /.ssh/id_dsa.pub</p><br />
<p> - /.ssh/id_dss</p><br />
<p> - /.ssh/id_dss.pub</p><br />
<p> - /.ssh/id_ecdsa</p><br />
<p> - /.ssh/id_ecdsa.pub</p><br />
<p> - /.ssh/id_ed25519</p><br />
<p> - /.ssh/id_ed25519.pub</p><br />
<p> - /.mysql_history</p><br />
<p> - /.sqlite_history</p><br />
<p> - /.psql_history</p><br />
<p> - /.sh_history</p><br />
<p> - /.bash_history</p><br />
<p> - /.profile</p><br />
<p> - /.bashrc</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Detection Method</b><p>Check the response if files from a home folder are accessible.</p><br />
<p><br />
Details:<br />
Linux Home Folder Accessible<br />
(OID: 1.3.6.1.4.1.25623.1.0.111108)<br />
</p><br />
<p><br />
Version used: $Revision: 10157 $</p><br />
</div><br />
<div class="result_head medium"><br />
<div class="location_float">22/tcp</div><br />
<b>Medium</b><br />
(CVSS: 4.3)<br />
<div class="full_width"><br />
NVT:<br />
SSH Weak Encryption Algorithms Supported<br />
(OID: 1.3.6.1.4.1.25623.1.0.105611)<br />
</div><br />
</div><br />
<div class="result_section"><br />
<b>Summary</b><p>The remote SSH server is configured to allow weak encryption algorithms.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Detection Result</b><pre>The following weak client-to-server encryption algorithms are supported by the remote service:<br />
<br />
3des-cbc<br />
aes128-cbc<br />
aes192-cbc<br />
aes256-cbc<br />
arcfour<br />
arcfour128<br />
arcfour256<br />
blowfish-cbc<br />
cast128-cbc<br />
rijndael-cbc@lysator.liu.se<br />
<br />
<br />
The following weak server-to-client encryption algorithms are supported by the remote service:<br />
<br />
3des-cbc<br />
aes128-cbc<br />
aes192-cbc<br />
aes256-cbc<br />
arcfour<br />
arcfour128<br />
arcfour256<br />
blowfish-cbc<br />
cast128-cbc<br />
rijndael-cbc@lysator.liu.se</pre><br />
</div><br />
<div class="result_section"><br />
<b>Solution</b><p><b>Solution type: </b>Mitigation</p><br />
<p>Disable the weak encryption algorithms.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Insight</b><p>The `arcfour` cipher is the Arcfour stream cipher with 128-bit keys.<br />
The Arcfour cipher is believed to be compatible with the RC4 cipher [SCHNEIER]. Arcfour (and RC4) has problems<br />
with weak keys, and should not be used anymore.</p><br />
<p> The `none` algorithm specifies that no encryption is to be done.<br />
Note that this method provides no confidentiality protection, and it<br />
is NOT RECOMMENDED to use it.</p><br />
<p> A vulnerability exists in SSH messages that employ CBC mode that may allow an attacker to recover plaintext from a block of ciphertext.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Detection Method</b><p>Check if remote ssh service supports Arcfour, none or CBC ciphers.</p><br />
<p><br />
Details:<br />
SSH Weak Encryption Algorithms Supported<br />
(OID: 1.3.6.1.4.1.25623.1.0.105611)<br />
</p><br />
<p><br />
Version used: $Revision: 13581 $</p><br />
</div><br />
<div class="result_section"><br />
<b>References</b><br><p><table><br />
<tr valign="top"><br />
<td>Other:</td><br />
<td>https://tools.ietf.org/html/rfc4253#section-6.3</td><br />
</tr><br />
<tr valign="top"><br />
<td></td><br />
<td>https://www.kb.cert.org/vuls/id/958563</td><br />
</tr><br />
</table></p><br />
</div><br />
<div class="result_head low"><br />
<div class="location_float">22/tcp</div><br />
<b>Low</b><br />
(CVSS: 2.6)<br />
<div class="full_width"><br />
NVT:<br />
SSH Weak MAC Algorithms Supported<br />
(OID: 1.3.6.1.4.1.25623.1.0.105610)<br />
</div><br />
</div><br />
<div class="result_section"><br />
<b>Summary</b><p>The remote SSH server is configured to allow weak MD5 and/or 96-bit MAC algorithms.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Detection Result</b><pre>The following weak client-to-server MAC algorithms are supported by the remote service:<br />
<br />
hmac-md5<br />
hmac-md5-96<br />
hmac-sha1-96<br />
<br />
<br />
The following weak server-to-client MAC algorithms are supported by the remote service:<br />
<br />
hmac-md5<br />
hmac-md5-96<br />
hmac-sha1-96</pre><br />
</div><br />
<div class="result_section"><br />
<b>Solution</b><p><b>Solution type: </b>Mitigation</p><br />
<p>Disable the weak MAC algorithms.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Detection Method</b><p><br />
Details:<br />
SSH Weak MAC Algorithms Supported<br />
(OID: 1.3.6.1.4.1.25623.1.0.105610)<br />
</p><br />
<p><br />
Version used: $Revision: 13581 $</p><br />
</div><br />
<div class="result_head low"><br />
<div class="location_float">general/tcp</div><br />
<b>Low</b><br />
(CVSS: 2.6)<br />
<div class="full_width"><br />
NVT:<br />
TCP timestamps<br />
(OID: 1.3.6.1.4.1.25623.1.0.80091)<br />
</div><br />
</div><br />
<div class="result_section"><br />
<b>Summary</b><p>The remote host implements TCP timestamps and therefore allows to compute<br />
the uptime.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Detection Result</b><pre>It was detected that the host implements RFC1323.<br />
<br />
The following timestamps were retrieved with a delay of 1 seconds in-between:<br />
Packet 1: 3183497<br />
Packet 2: 3185039</pre><br />
</div><br />
<div class="result_section"><br />
<b>Impact</b><p>A side effect of this feature is that the uptime of the remote<br />
host can sometimes be computed.</p><br />
</div><br />
<div class="result_section"><br />
<b>Solution</b><p><b>Solution type: </b>Mitigation</p><br />
<p>To disable TCP timestamps on linux add the line 'net.ipv4.tcp_timestamps = 0' to<br />
/etc/sysctl.conf. Execute 'sysctl -p' to apply the settings at runtime.</p><br />
<p> To disable TCP timestamps on Windows execute 'netsh int tcp set global timestamps=disabled'</p><br />
<p> Starting with Windows Server 2008 and Vista, the timestamp can not be completely disabled.</p><br />
<p> The default behavior of the TCP/IP stack on this Systems is to not use the<br />
Timestamp options when initiating TCP connections, but use them if the TCP peer<br />
that is initiating communication includes them in their synchronize (SYN) segment.</p><br />
<p> See also: http://www.microsoft.com/en-us/download/details.aspx?id=9152</p><br />
</div><br />
<div class="result_section"><br />
<b>Affected Software/OS</b><p>TCP/IPv4 implementations that implement RFC1323.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Insight</b><p>The remote host implements TCP timestamps, as defined by RFC1323.</p><br />
</div><br />
<div class="result_section"><br />
<b>Vulnerability Detection Method</b><p>Special IP packets are forged and sent with a little delay in between to the<br />
target IP. The responses are searched for a timestamps. If found, the timestamps are reported.</p><br />
<p><br />
Details:<br />
TCP timestamps<br />
(OID: 1.3.6.1.4.1.25623.1.0.80091)<br />
</p><br />
<p><br />
Version used: $Revision: 10411 $</p><br />
</div><br />
<div class="result_section"><br />
<b>References</b><br><p><table><tr valign="top"><br />
<td>Other:</td><br />
<td>http://www.ietf.org/rfc/rfc1323.txt</td><br />
</tr></table></p><br />
</div><br />
<div class="footer"><br />
This file was automatically generated.<br />
</div><br />
</div></body><br />
</html></div>
Guillem