diff --git a/debian/control b/debian/control
index 461f477..8ccc838 100644
--- a/debian/control
+++ b/debian/control
@@ -43,8 +43,6 @@ Description: enhances misc security settings
 * The TCP/IP stack is hardened.
 .
 * This package makes some data spoofing attacks harder.
- .
- * SACK is disabled as it is commonly exploited and is rarely used.
 .
 * This package disables the merging of slabs of similar sizes to prevent an attacker from exploiting them.
diff --git a/debian/security-misc.maintscript b/debian/security-misc.maintscript
index 2c93164..c15d00e 100644
--- a/debian/security-misc.maintscript
+++ b/debian/security-misc.maintscript
@@ -8,3 +8,6 @@ rm_conffile /etc/default/grub.d/40_only_allow_signed_modules.cfg
 ## https://forums.whonix.org/t/sysrq-magic-sysrq-key/8079
 rm_conffile /etc/sysctl.d/sysrq.conf
+
+## https://forums.whonix.org/t/disabling-tcp-sack-dsack-fack/8109/5
+rm_conffile /etc/sysctl.d/tcp_sack.conf
diff --git a/etc/sysctl.d/tcp_sack.conf b/etc/sysctl.d/tcp_sack.conf
deleted file mode 100644
index f949105..0000000
--- a/etc/sysctl.d/tcp_sack.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# Disables SACK as it is commonly exploited and likely not needed.
-# https://forums.whonix.org/t/disabling-tcp-sack-dsack-fack/8109
-net.ipv4.tcp_sack=0
-net.ipv4.tcp_dsack=0
-net.ipv4.tcp_fack=0
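Review bot: The added `rm_conffile /etc/sysctl.d/tcp_sack.conf` in debian/security-misc.maintscript only removes the file on upgrade; nothing visible in this commit resets the running kernel values, so `net.ipv4.tcp_sack`, `net.ipv4.tcp_dsack` and `net.ipv4.tcp_fack` presumably stay at 0 until the next reboot or until an administrator sets them back. The comment above the line gives only a forum link, so the reason for reversing a hardening setting is not recorded in the package itself; I would extend it to something like `## SACK is no longer disabled (rationale in the thread below); kernel defaults apply after the next reboot`. The line also omits the optional prior-version argument, as the existing entries do, so the removal is attempted on every upgrade; that is idempotent, but adding the version would document when the file was dropped.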