Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Reliable Datagram Sockets (RDS) protocol must be disabled unless required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-208868 | OL6-00-000126 | SV-208868r603263_rule | Low |
| Description |
|---|
| Disabling RDS protects the system against exploitation of any flaws in its implementation. |
| STIG | Date |
|---|---|
| Oracle Linux 6 Security Technical Implementation Guide | 2021-06-14 |
Details
| Check Text ( C-9121r357584_chk ) |
|---|
| If the system is configured to prevent the loading of the "rds" kernel module, it will contain lines inside any file in "/etc/modprobe.d" or the deprecated"/etc/modprobe.conf". These lines instruct the module-loading system to run another program (such as "/bin/true") upon a module "install" event. Run the following command to search for such lines in all files in "/etc/modprobe.d" and the deprecated "/etc/modprobe.conf": $ grep -r rds /etc/modprobe.conf /etc/modprobe.d If no line is returned, this is a finding. This is not a finding if the RDS service is required for proper system or application operation. Oracle Engineered Systems such as Exadata use the RDS service for InfiniBand-based communication with storage services. |
| Fix Text (F-9121r357585_fix) |
|---|
| The Reliable Datagram Sockets (RDS) protocol is a transport layer protocol designed to provide reliable high- bandwidth, low-latency communications between nodes in a cluster. To configure the system to prevent the "rds" kernel module from being loaded, add the following line to a file in the directory "/etc/modprobe.d": install rds /bin/true |