The macOS system must not process Internet Control Message Protocol [ICMP] timestamp requests.
ICMP timestamp requests reveal information about the system and can be used to determine which operating system is installed. Precise time data can also be used to launch time-based attacks against the system. Configuring the system to drop incoming ICMPv4 timestamp requests mitigates these risks.
To disable ICMP timestamp responses, add the following line to "/etc/sysctl.conf", creating the file if necessary: net.inet.icmp.timestamp=0
To check if the system is configured to process ICMP timestamp requests, run the following command: sysctl net.inet.icmp.timestamp If the value is not set to "0", this is a finding.