Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Datagram Congestion Control Protocol (DCCP) must be disabled unless required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-217934 | RHEL-06-000124 | SV-217934r505923_rule | Medium |
| Description |
|---|
| Disabling DCCP protects the system against exploitation of any flaws in its implementation. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2020-09-03 |
Details
| Check Text ( C-19415r462394_chk ) |
|---|
| If the system is configured to prevent the loading of the "dccp" kernel module, it will contain lines inside any file in "/etc/modprobe.d" or the deprecated"/etc/modprobe.conf". These lines instruct the module loading system to run another program (such as "/bin/true") upon a module "install" event. Run the following command to search for such lines in all files in "/etc/modprobe.d" and the deprecated "/etc/modprobe.conf": $ grep -r dccp /etc/modprobe.conf /etc/modprobe.d | grep -i “/bin/true”| grep -v “#” If no line is returned, this is a finding. |
| Fix Text (F-19413r462395_fix) |
|---|
| The Datagram Congestion Control Protocol (DCCP) is a relatively new transport layer protocol, designed to support streaming media and telephony. To configure the system to prevent the "dccp" kernel module from being loaded, add the following line to a file in the directory "/etc/modprobe.d": install dccp /bin/true |