The Reliable Datagram Sockets (RDS) protocol must be disabled or not installed unless required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-22530 | GEN007480 | SV-35248r1_rule | ECSC-1 | Medium |
| Description |
|---|
| The Reliable Datagram Sockets (RDS) protocol is a relatively new protocol developed by Oracle for communication between the nodes of a cluster. Binding this protocol to the network stack increases the attack surface of the host. Unprivileged local processes may be able to cause the system to dynamically load a protocol handler by opening a socket using the protocol. |
| STIG | Date |
|---|---|
| HP-UX 11.23 Security Technical Implementation Guide | 2015-12-02 |
Details
| Check Text ( C-35111r1_chk ) |
|---|
| If there is no RDS protocol handler for the system, this is not applicable. The RDS protocol is not currently available for the HP-UX 11i platform and is therefore not applicable. |
| Fix Text (F-26137r1_fix) |
|---|
| Configure the system to not dynamically load the RDS protocol handler. |