kohli9harjeev
Nov 25, 2015Nimbostratus
Disable TCP Timestamp Response on GTM
In a recent scan report , TCP Timestamp Response vulnerability was found as a risk. We can disable "Extensions for High Performance" in tcp profile but according to another thread https://devcentral.f5.com/questions/how-can-i-disable-tcp_timestamp-response-from-f5 this doesnt work.
Can someone help me with disabling ONLY TCP Timestamp Response.
Also,suppose,if we disabled this option,will it also affect GTM sync and iquery connections as each BIG-IP GTM system sends the timestamps of its configuration files to all other BIG-IP GTM systems in the sync group by default, as part of the heartbeat message.