UCF STIG Viewer Logo

The Reliable Datagram Sockets (RDS) protocol must be disabled unless required.


Finding ID Version Rule ID IA Controls Severity
V-38516 RHEL-06-000126 SV-50317r3_rule Low
Disabling RDS protects the system against exploitation of any flaws in its implementation.
Red Hat Enterprise Linux 6 Security Technical Implementation Guide 2015-05-26


Check Text ( C-46073r3_chk )
If the system is configured to prevent the loading of the "rds" kernel module, it will contain lines inside any file in "/etc/modprobe.d" or the deprecated "/etc/modprobe.conf". These lines instruct the module loading system to run another program (such as "/bin/true") upon a module "install" event. Run the following command to search for such lines in all files in "/etc/modprobe.d" and the deprecated "/etc/modprobe.conf":

$ grep -r rds /etc/modprobe.conf /etc/modprobe.d

If no line is returned, this is a finding.
Fix Text (F-43463r4_fix)
The Reliable Datagram Sockets (RDS) protocol is a transport layer protocol designed to provide reliable high-bandwidth, low-latency communications between nodes in a cluster. To configure the system to prevent the "rds" kernel module from being loaded, add the following line to a file in the directory "/etc/modprobe.d":

install rds /bin/true