IPTables - Filter ICMP Timestamp Requests & Replies

Here’s how to filter or block ICMP timestamp requests and replies.

On Redhat/CentOS, edit /etc/sysconfig/iptables and add the following lines

-A RH-Firewall-1-INPUT -p ICMP --icmp-type timestamp-request -j DROP
-A RH-Firewall-1-INPUT -p ICMP --icmp-type timestamp-reply -j DROP

and then run:

/sbin/iptables restart

Or run the following commands:

/sbin/iptables -I RH-Firewall-1-INPUT 1 -p ICMP --icmp-type timestamp-request -j DROP
/sbin/iptables -I RH-Firewall-1-INPUT 1 -p ICMP --icmp-type timestamp-reply -j DROP
/sbin/service iptables save

Recently on an Ubantu server we just added these lines to /etc/rc.local:

/sbin/iptables -I INPUT 1 -p ICMP --icmp-type timestamp-request -j DROP
/sbin/iptables -I INPUT 1 -p ICMP --icmp-type timestamp-reply -j DROP

Bookmark on Delicious
Digg this post
Recommend on Facebook
share via Reddit
Share with Stumblers
Tweet about it
Subscribe to the comments on this post
Print for later
Bookmark in Browser
Tell a friend

Posted on November 17, 2009 by admin in Networking

← Apache – Remove Auth From Subdirectory

IPTables – Filter ICMP Address Mask Request & Replies →

IPTables – Filter ICMP Timestamp Requests & Replies

Recent Updates

Categories

Archives

Newsletter Signup