TCP Timestamps

HowTo Disable TCP Timestamps on CentOS

By default tcp-timestamps are enabled on CentOS. See the hping command page for an example on how to test and see if it's exposed. Unless you have already disabled them, they most likely it will be.

This option is controlled with sysctl, and you can also read the current value in the /proc filesystem. If either of the following commands shows a value of 1, then timestamps are exposed, a 0 would indicate that they are already disabled.

cat /proc/sys/net/ipv4/tcp_timestamps 


sysctl -a | grep "net.ipv4.tcp_timestamps"
net.ipv4.tcp_timestamps = 1

Disable TCP Timestamps

You can disable tcp timestamps by just echoing a value of 0 at the /proc filesystem path.

echo "0" > /proc/sys/net/ipv4/tcp_timestamps

This will leave things disabled until the system reboots, or sysctl reloads the conf file located at /etc/sysctl.conf.

Disable TCP Timestamps and Persist the Change

Edit /etc/sysctl.conf, and replace net.ipv4.tcp_timestamps = 1 to a value of 0.

vi /etc/sysctl.conf


net.ipv4.tcp_timestamps = 0


net.ipv4.tcp_timestamps = 1

Once updated, run sysctl witha  -p flag to load the file. Now when the system reboots, it will keep the setting.

Disable in a Saltstack State File

Saltstack configuration management provides a nice way of dealing with sysctl variables. Add the following to one of your state files to persist this change across your infrastructure via configuration management.

  - value: 0