Description | This article describe how to use built-in sniffer packet tool to make sure the block ICMP timestamp is effective on the FortiGate Interface. |
Scope | FortiGate. |
Solution |
By default, FortiGate will respond to the ICMP Timestamp reply if the ICMP Timestamp is received. The below images demonstrate the Nmap ICMP Timestamp sent to FortiGate's Interface and found 1 host up.
The FortiGate built-in sniffer packet results show the ICMP Timestamp request packet comes in and FortiGate returns the ICMP Timestamp reply. This information could have potential risks refer to Technical Tip: Block ICMP timestamp on FortiGate interface while keeping ping enabled
Once applied the Block ICMP Timestamps. The built-in sniffer packet result shows FortiGate will stop response ICMP Timestamp reply.
|