Question

Solved261 views17th September 2024

3

Syarah Husna [DevOps Advocate]62 13th September 2024 0 Comments

Hello All,

As a background, we have done a Vulnerability Assessment (VA) scanning on our Dataminer server and post assessment, there are few vulnerabilities that need to be addressed and one of it is ICMP Timestamp Request Remote Date Disclosure

Therefore, I would like to get your advise if I can filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14) in order to address the above vulnerability?

Is there any impact on our current Dataminer timing if I filter out ICMP (13) and (14)?

Appreciate your advise and feedback on this matter.

Snapshot as attached for your perusal.

Syarah Husna [DevOps Advocate] Selected answer as best 17th September 2024

1 Answer

score 1 · Answer 1 · 2024-09-17T07:58:10+00:00

1

Seppe Dejonckheere [SLC] [DevOps Enabler]1.89K Posted 13th September 2024 1 Comment

Hi,

As far as I'm aware, DataMiner does not rely on ICMP 13 and 14, as time synchronization across the cluster should be done by NTP.

Syarah Husna [DevOps Advocate] Edited comment 17th September 2024

Syarah Husna [DevOps Advocate] commented 17th September 2024

Dear Seppe,
Thank you so much for the information! I have filter out the ICMP (13) and (14) accordingly to addressed our server vulnerabilities.

Filtering ICMP Timestamp Request

1 Answer