FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
duenlim
Staff
Staff
Article Id 356077
Description This article describe how to use built-in sniffer packet tool to make sure the block ICMP timestamp is effective on the FortiGate Interface.
Scope FortiGate.
Solution

By default, FortiGate will respond to the ICMP Timestamp reply if the ICMP Timestamp is received. The below images demonstrate the Nmap ICMP Timestamp sent to FortiGate's Interface and found 1 host up. 

 

Nmap_PingTimeStamp.png

 

The FortiGate built-in sniffer packet results show the ICMP Timestamp request packet comes in and FortiGate returns the ICMP Timestamp reply.

This information could have potential risks refer to Technical Tip: Block ICMP timestamp on FortiGate interface while keeping ping enabled

 

icmp_timestamp.png

 

Once applied the Block ICMP Timestamps. The built-in sniffer packet result shows FortiGate will stop response ICMP Timestamp reply.

 

icmp_timestamp_deny.png

Contributors