STIGQter STIGQter: STIG Summary: Red Hat Enterprise Linux 6 Security Technical Implementation Guide Version: 1 Release: 24 Benchmark Date: 25 Oct 2019: The Transparent Inter-Process Communication (TIPC) protocol must be disabled unless required.

DISA Rule

SV-50318r5_rule

Vulnerability Number

V-38517

Group Title

SRG-OS-000096

Rule Version

RHEL-06-000127

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

The Transparent Inter-Process Communication (TIPC) protocol is designed to provide communications between nodes in a cluster. To configure the system to prevent the "tipc" kernel module from being loaded, add the following line to a file in the directory "/etc/modprobe.d":

install tipc /bin/true

Check Contents

If the system is configured to prevent the loading of the "tipc" kernel module, it will contain lines inside any file in "/etc/modprobe.d" or the deprecated"/etc/modprobe.conf". These lines instruct the module loading system to run another program (such as "/bin/true") upon a module "install" event. Run the following command to search for such lines in all files in "/etc/modprobe.d" and the deprecated "/etc/modprobe.conf":

$ grep -r tipc /etc/modprobe.conf /etc/modprobe.d | grep -i “/bin/true”| grep -v “#”

If no line is returned, this is a finding.

Vulnerability Number

V-38517

Documentable

False

Rule Version

RHEL-06-000127

Severity Override Guidance

If the system is configured to prevent the loading of the "tipc" kernel module, it will contain lines inside any file in "/etc/modprobe.d" or the deprecated"/etc/modprobe.conf". These lines instruct the module loading system to run another program (such as "/bin/true") upon a module "install" event. Run the following command to search for such lines in all files in "/etc/modprobe.d" and the deprecated "/etc/modprobe.conf":

$ grep -r tipc /etc/modprobe.conf /etc/modprobe.d | grep -i “/bin/true”| grep -v “#”

If no line is returned, this is a finding.

Check Content Reference

M

Target Key

2367

Comments