We had a penetration test done on our servers and one of the vulnerabilities they suggested we fix is that the host responded to an ICMP timestamp request with TCP timestamp.
I've looked around but can't figure out how to disable it on our webserver or how to issue a command to check for this vulnerability (i.e. a ping or something).
It's IIS 7.5 on Windows Server 2008 R2. I read something about disabling it in Windows Firewall but that is disabled as we use Symantec Endpoint Protection.
Any ideas?
Thanks!
Best Answer
Normally Symantec Endpoint blocks this by default, and a more common request is to allow for the behavior instead of deny it.
At any rate, you can use the steps in this article.
Simply replace Allow Traffic with Disallow Traffic.