Hi Friends,

We have a security scan finding directing us to disable TCP timestamps.

I understand the reasons for the recommendation: the timestamp can be used to calculate server uptime, which can be helpful to an attacker (good explanation under heading “TCP Timestamps” at http://www.silby.com/eurobsdcon05/eurobsdcon_silbersack.pdf).

However, it’s my understanding that TCP timestamps are intended to enhance TCP performance.

Naturally, in the cost/benefit analysis, performance degradation is a big, possibly too big, cost.

I’m having a hard time understanding how much, if any, performance cost there is likely to be.

OS parameter is like below to be recommended:

net.ipv4.tcp_timestamps = 0

Is there any help based on above issue from your side ?

P.S : We have been asked to disable tcp timestamp where jitsi core modules are running on.

Regards

if by ‘performance’ you mean reliability you are right.

trying to estimate up time against 3 servers (Ubuntu 16.04, 18.04, 20.04) gives me consistent results, however for Ubuntu 16 it’s the correct result, for more modern OS it’s wrong. So IMO if you want to hide this info using a modern OS is more useful than fiddling with TCP.

Performance impact is going to be significant only if you use Turn, bulk of data transits through UDP (DTLS)