Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ======3.5.2 Ensure SCTP is disabled (Not Scored)====== =====Profile Applicability===== <code> Level 1 - Server Level 1 - Workstation </code> =====Description===== The Stream Control Transmission Protocol (SCTP) is a transport layer protocol used to support message oriented communication, with several streams of messages in one connection. It serves a similar function as TCP and UDP, incorporating features of both. It is message-oriented like UDP, and ensures reliable in-sequence transport of messages with congestion control like TCP. =====Rationale===== If the protocol is not being used, it is recommended that kernel module not be loaded, disabling the service to reduce the potential attack surface. =====Audit===== Run the following commands and verify the output is as indicated: <Code:bash> # modprobe -n -v sctp install /bin/true # lsmod | grep sctp <No output> </Code> =====Remediation===== Edit or create the file ''/etc/modprobe.d/CIS.conf'' and add the following line: <Code:bash> install sctp /bin/true </Code> centos7/3/5/2.txt Last modified: 2017/05/04 17:32by 127.0.0.1