UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Reliable Datagram Sockets (RDS) protocol must be disabled unless required.


Overview

Finding ID Version Rule ID IA Controls Severity
V-51001 OL6-00-000126 SV-65207r1_rule Low
Description
Disabling RDS protects the system against exploitation of any flaws in its implementation.
STIG Date
Oracle Linux 6 Security Technical Implementation Guide 2017-08-25

Details

Check Text ( C-53443r1_chk )
If the system is configured to prevent the loading of the "rds" kernel module, it will contain lines inside any file in "/etc/modprobe.d" or the deprecated"/etc/modprobe.conf". These lines instruct the module-loading system to run another program (such as "/bin/true") upon a module "install" event. Run the following command to search for such lines in all files in "/etc/modprobe.d" and the deprecated "/etc/modprobe.conf":

$ grep -r rds /etc/modprobe.conf /etc/modprobe.d

If no line is returned, this is a finding.

This is not a finding if the RDS service is required for proper system or application operation. Oracle Engineered Systems such as Exadata use the RDS service for InfiniBand-based communication with storage services.
Fix Text (F-55805r1_fix)
The Reliable Datagram Sockets (RDS) protocol is a transport layer protocol designed to provide reliable high- bandwidth, low-latency communications between nodes in a cluster. To configure the system to prevent the "rds" kernel module from being loaded, add the following line to a file in the directory "/etc/modprobe.d":

install rds /bin/true