2013/10/10 Philip Guenther <[email protected]>: > On Thu, Oct 10, 2013 at 4:30 AM, Илья Шипицин <[email protected]> wrote: >> I use ntp already. > > So everyone can predict what your machine would have sent in response > to an ICMP timestamp query, meaning that turning it off doesn't hide > anything. > > >> I am about to switch icmp timestamps off (security people are afraid >> of that setting), > > Cargo cult security.
it is known behavior of security people. > > >> just curious what was the purpose of it. > > Oddly enough, the RFC that defines it (RFC792) has a reference about that. by "purpose" I mean common use scenarios, like "we enable ssh by default, because it is used in routine administration and automation tasks, not because of RFC" "we enable icmp destination unreachable, because it is used commonly in PMTU mechanisms, not because it is mentioned in some RFC" or you enable everything found in RFC ? you must be odd if so. I am not that odd. > > Philip Guenther
