Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Linux (Debian/Ubuntu).

  1. Block ICMP timestamp requests using iptables or nftables.

  2. With iptables:

    sudo iptables -A INPUT -p icmp --icmp-type timestamp-request -j DROP
sudo iptables -A OUTPUT -p icmp --icmp-type timestamp-reply -j DROP

  3. To persist across reboots:

    sudo apt install iptables-persistent
sudo netfilter-persistent save

  4. With nftables:

    nft add rule inet filter input icmp type timestamp-request drop
Back to top