STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The Reliable Datagram Sockets (RDS) protocol must be disabled or not installed unless required.

DISA Rule

SV-227958r603266_rule

Vulnerability Number

V-227958

Group Title

SRG-OS-000096

Rule Version

GEN007480

Severity

CAT II

CCI(s)

• CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

10

Fix Recommendation

Remove the RDS protocol handler package.
# pkgrm SUNWrds

OR

Prevent the RDS protocol handler from dynamic loading.
# echo "exclude: rds" >> /etc/system

Check Contents

Ask the SA if RDS is required by application software running on the system. If so, this is not applicable.

Verify the RDS protocol handler is not installed.
# pkginfo | grep SUNWrds
If no results are returned, this is not a finding.

Verify the RDS protocol handler is prevented from dynamic loading.
# grep "exclude: rds" /etc/system
If no result is returned, this is a finding.

Vulnerability Number

V-227958

Documentable

False

Rule Version

GEN007480

Severity Override Guidance

Ask the SA if RDS is required by application software running on the system. If so, this is not applicable.

Verify the RDS protocol handler is not installed.
# pkginfo | grep SUNWrds
If no results are returned, this is not a finding.

Verify the RDS protocol handler is prevented from dynamic loading.
# grep "exclude: rds" /etc/system
If no result is returned, this is a finding.

Check Content Reference

M

Target Key

4061

Comments