Secure the Stream Control Transmission Protocol
Prevent the Stream Control Transmission Protocol (SCTP) module from loading on VMware Aria appliances by default. Potential attackers can exploit this protocol to compromise your system.
Configure your system to prevent the SCTP module from loading unless it is absolutely necessary. SCTP is an unused IETF-standardized transport layer protocol. Binding this protocol to the network stack increases the attack surface of the host. Unprivileged local processes might cause the kernel to dynamically load a protocol handler by using the protocol to open a socket.
- Open the /etc/modprobe.d/modprobe.conf file in a text editor.
- Ensure that the following line appears in this file.
  install sctp /bin/false
- Save the file and close it.
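The steps above can be scripted so that the rule is audited and added idempotently. The following is an added example, not VMware's own tooling. The function names are hypothetical; the file path and rule text are the ones given in the steps.

```shell
#!/bin/sh
# Added example: audit and remediation helpers for the SCTP install rule.
# Function names are hypothetical; the rule text comes from the steps above.

SCTP_RULE='install sctp /bin/false'

# Return 0 if the file contains an active (uncommented) copy of the rule,
# tolerating leading/trailing whitespace and tabs between the fields.
sctp_rule_present() {
    [ -f "$1" ] || return 1
    grep -Eq '^[[:space:]]*install[[:space:]]+sctp[[:space:]]+/bin/false[[:space:]]*$' "$1"
}

# Append the rule only when it is missing, so repeated runs do not duplicate it.
sctp_rule_ensure() {
    if sctp_rule_present "$1"; then
        return 0
    fi
    # If the file ends without a newline, add one first so the rule
    # is not glued onto the end of the previous directive.
    if [ -n "$(tail -c 1 "$1" 2>/dev/null)" ]; then
        printf '\n' >> "$1"
    fi
    printf '%s\n' "$SCTP_RULE" >> "$1"
}

# Return 0 if the sctp module is already loaded. The install rule only affects
# later modprobe requests; it does not unload a module that is already present,
# so audit this separately. Reads /proc/modules unless another path is given.
sctp_module_loaded() {
    modules_file="${1:-/proc/modules}"
    [ -r "$modules_file" ] || return 1
    grep -Eq '^sctp[[:space:]]' "$modules_file"
}

# Typical use on the appliance, as root:
#   sctp_rule_ensure /etc/modprobe.d/modprobe.conf
#   sctp_module_loaded && echo "sctp is loaded; reboot or unload it"
```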