AlmaLinux OS 9 must disable the Stream Control Transmission Protocol (SCTP) kernel module.
An XCCDF Rule
Description
The SCTP is a transport layer protocol, designed to support the idea of message-oriented communication, with several streams of messages within one connection. Disabling SCTP protects the system against exploitation of any flaws in its implementation.
- ID
- SV-269345r1050227_rule
- Version
- ALMA-09-030050
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
To configure the system to prevent the SCTP kernel module from being loaded, run the following command:
$ cat << EOF | tee /etc/modprobe.d/sctp.conf
install sctp /bin/false
blacklist sctp
EOF