Saltstack Official Linux Formula
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.

cis-3-5-3.yml 897B

12345678910111213141516171819202122232425262728293031323334353637
  1. # 3.5.3 Ensure RDS is disabled
  2. #
  3. # Description
  4. # ===========
  5. # The Reliable Datagram Sockets (RDS) protocol is a transport layer protocol
  6. # designed to provide low-latency, high-bandwidth communications between
  7. # cluster nodes. It was developed by the Oracle Corporation.
  8. #
  9. # Rationale
  10. # =========
  11. # If the protocol is not being used, it is recommended that kernel module
  12. # not be loaded, disabling the service to reduce the potential attack surface.
  13. #
  14. # Audit
  15. # =====
  16. # Run the following commands and verify the output is as indicated:
  17. #
  18. # # modprobe -n -v rds
  19. # install /bin/true
  20. # # lsmod | grep rds
  21. # <No output>
  22. #
  23. # Remediation
  24. # ===========
  25. # Edit or create the file /etc/modprobe.d/CIS.conf and add the following line:
  26. #
  27. # install rds /bin/true
  28. #
  29. parameters:
  30. linux:
  31. system:
  32. kernel:
  33. module:
  34. rds:
  35. install:
  36. command: /bin/true