We have a security scan finding directing us to disable TCP timestamps.
I understand the reasons for the recommendation: the timestamp can be used to calculate server uptime, which can be helpful to an attacker (good explanation under heading “TCP Timestamps” at http://www.silby.com/eurobsdcon05/eurobsdcon_silbersack.pdf).
However, it’s my understanding that TCP timestamps are intended to enhance TCP performance.
Naturally, in the cost/benefit analysis, performance degradation is a big, possibly too big, cost.
I’m having a hard time understanding how much, if any, performance cost there is likely to be.
OS parameter is like below to be recommended:
net.ipv4.tcp_timestamps = 0
Is there any help based on above issue from your side ?
P.S : We have been asked to disable tcp timestamp where jitsi core modules are running on.