Detections
Analytics

1.293 OL08-00-040021

Information

OL 8 must not have the asynchronous transfer mode (ATM) kernel module installed if not required for operational support.

GROUP ID: V-248829
RULE ID: SV-248829r991589

The ATM is a transport layer protocoldesigned for digital transmission of multiple types of traffic, including telephony (voice), data, and video signals, in one network without the use of separate overlay networks. Disabling ATM protects the system against exploitation of any flaws in its implementation.

Solution

Configure OL 8 to disable the ability to use the "atm" kernel module.

Create a file under "/etc/modprobe.d" with the following command:

$ sudo touch /etc/modprobe.d/atm.conf

Add the following line to the created file:

install atm /bin/false

Configure OL 8 to disable the ability to use the atm kernel module.

$ sudo vi /etc/modprobe.d/blacklist.conf

Add or update the line:

blacklist atm

See Also

https://workbench.cisecurity.org/benchmarks/23791

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-248829r991589_rule, STIG-ID|OL08-00-040021, Vuln-ID|V-248829

Plugin: Unix

Control ID: d36fa3d7c5569ec4c29dc4da86cb145c9ddd1c5293f2442e1f44972dde1b993a