GEN:SID 1:454
Message ICMP Timestamp Request undefined code
Summary This event is generated when an ICMP Timestamp request is made with an invalid or undefined ICMP Code.
Impact Information gathering.  An ICMP Timestamp request can determine if a host is active.
Detailed Information An ICMP Timestamp request is used by the ping command to elicit an ICMP Timestamp reply from a listening live host.  This rule alerts on a generic ICMP request where no payload is included in the message or the payload does not match more specific rules.

If ICMP type 8 (echo) traffic is filtered at a firewall, an attacker may try to use type 13 (timestamp) as an alternative.
Affected Systems All
Attack Scenarios An attacker may attempt to determine live hosts in a network prior to launching an attack.
Ease of Attack Simple
Corrective Action Block inbound ICMP Timestamp requests.
Additional References