Forum Discussion
Disabling TCP Timestamps on application gateways
Hello,
We use Application Gateways for a number of apps. Our 3rd party vulnerability scanner discovered the AGW exposes the uptime of the system. Is there a way to disable this on the AGW? I found this post in UserVoice from 2017 where someone asked for the same option: https://feedback.azure.com/forums/217313-networking/suggestions/32683267-need-a-function-to-disable-the-timestamp-in-tcp-op.
If it's not possible, it's not possible. I haven't found documentation on it, so my guess is there's currently no way to disable it. I get this is low risk, I just need to do a little more digging until I write this one off as a known issue / accepted risk.
Thank you
1 Reply
As of now, Azure Application Gateway does not provide a configurable option to disable TCP timestamps. This includes both Standard and WAF SKUs. The TCP stack used by the underlying infrastructure is managed by Azure and does not expose granular control over TCP options like timestamps.
In this case, I would suggest considering placing a reverse proxy or firewall in front of the Application Gateway that allows TCP stack customization.