How to disable windows server 2008 timestamp response
Posted
by
Cal
on Server Fault
See other posts from Server Fault
or by Cal
Published on 2014-06-06T22:01:49Z
Indexed on
2014/06/08
9:27 UTC
Read the original article
Hit count: 1018
windows-server-2008
|timestamp
Posted this question on stackoverflow but then got instructed to post it here:
I was using Rapid7's Nexpose to scan one of our web servers (windows server 2008), and got a vulnerability for timestamp response.
According to Rapid7, timestamp response shall be disabled: http://www.rapid7.com/db/vulnerabilities/generic-tcp-timestamp
So far I have tried several things:
Edit the registry, add a "Tcp1323Opts" key to HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters, and set it to 0. http://technet.microsoft.com/en-us/library/cc938205.aspx
Use this command: netsh int tcp set global timestamps=disabled
Tried powershell command: Set-netTCPsetting -SettingName InternetCustom -Timestamps disabled (got error: Set-netTCPsetting : The term 'Set-netTCPsetting' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.) None of above attempts was successful, after re-scan we still got the same alert.
Rapid7 suggested using a firewall that's capable of blocking it, but we want to know if there is a setting on windows to achieve it.
Is it through a specific port? If yes, what is the port number? If not, could you suggest a 3rd party firewall that is capable of blocking it?
Thank you very much.
© Server Fault or respective owner