SV-99153r1_rule
V-88503
SRG-OS-000096-GPOS-00050
VROM-SL-000485
CAT II
10
Prevent the DCCP protocol handler for dynamic loading:
# echo "install dccp /bin/true" >> /etc/modprobe.conf.local
# echo "install dccp_ipv4 /bin/true" >> /etc/modprobe.conf.local
# echo "install dccp_ipv6 /bin/true" >> /etc/modprobe.conf.local
Check that the DCCP protocol handler is prevented from dynamic loading:
# grep "install dccp /bin/true" /etc/modprobe.conf /etc/modprobe.conf.local /etc/modprobe.d/*
If no result is returned, this is a finding.
# grep "install dccp_ipv4 /bin/true" /etc/modprobe.conf /etc/modprobe.conf.local /etc/modprobe.d/*
If no result is returned, this is a finding.
# grep "install dccp_ipv6" /etc/modprobe.conf /etc/modprobe.conf.local /etc/modprobe.d/* | grep ‘bin/true’
If no result is returned, this is a finding.
V-88503
False
VROM-SL-000485
Check that the DCCP protocol handler is prevented from dynamic loading:
# grep "install dccp /bin/true" /etc/modprobe.conf /etc/modprobe.conf.local /etc/modprobe.d/*
If no result is returned, this is a finding.
# grep "install dccp_ipv4 /bin/true" /etc/modprobe.conf /etc/modprobe.conf.local /etc/modprobe.d/*
If no result is returned, this is a finding.
# grep "install dccp_ipv6" /etc/modprobe.conf /etc/modprobe.conf.local /etc/modprobe.d/* | grep ‘bin/true’
If no result is returned, this is a finding.
M
3461