|
- # 3.5.4 Ensure TIPC is disabled
- #
- # Description
- # ===========
- # The Transparent Inter-Process Communication (TIPC) protocol is designed
- # to provide communication between cluster nodes.
- #
- # Rationale
- # =========
- # If the protocol is not being used, it is recommended that kernel module
- # not be loaded, disabling the service to reduce the potential attack surface.
- #
- # Audit
- # =====
- # Run the following commands and verify the output is as indicated:
- #
- # # modprobe -n -v tipc
- # install /bin/true
- # # lsmod | grep tipc
- # <No output>
- #
- # Remediation
- # ===========
- #
- # Edit or create the file /etc/modprobe.d/CIS.conf and add the following line:
- #
- # install tipc /bin/true
- #
- parameters:
- linux:
- system:
- kernel:
- module:
- tipc:
- install:
- command: /bin/true
|
