3.2.1 Ensure atm kernel module is not available

Information

The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data link, and physical layers, based on virtual circuits and virtual paths. Disabling ATM protects the system against exploitation of any flaws in its implementation.

Removing support for unneeded protocols reduces the local attack surface of the system. If this protocol is not needed, disable it.

Solution

Unload and disable the atm kernel module.

- Run the following commands to unload the atm kernel module:

# modprobe -r atm 2>/dev/null
# rmmod atm 2>/dev/null

- Perform the following to disable the atm kernel module:

Create a file ending in .conf with install atm /bin/false in the /etc/modprobe.d/ directory

Example:

# printf '\n%s\n' "install atm /bin/false" >> /etc/modprobe.d/60-atm.conf

Create a file ending in .conf with blacklist atm in the /etc/modprobe.d/ directory

Example:

# printf '\n%s\n' "blacklist atm" >> /etc/modprobe.d/60-atm.conf
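
To confirm the remediation took effect, the following added example (not part of the benchmark or the audit plugin) checks the three conditions the steps above establish: the module is not loaded, an install line pointing at /bin/false exists, and a blacklist line exists. The function name check_module_disabled and its optional directory and file arguments are assumptions introduced here, and the sample data is constructed.

```shell
#!/bin/sh
# Added example, not part of the benchmark: verify that a kernel module is
# unloaded and disabled. check_module_disabled and its arguments are
# hypothetical names chosen for this sketch.
# usage: check_module_disabled <module> [modprobe.d dir] [loaded-module list]
check_module_disabled() {
    mod=$1; conf_dir=${2:-/etc/modprobe.d}; loaded=${3:-/proc/modules}; rc=0

    # 1. Not currently loaded: the module name is the first field of each line.
    if awk -v m="$mod" '$1 == m { f = 1 } END { exit !f }' "$loaded"; then
        echo "FAIL: $mod is currently loaded"; rc=1
    fi

    # 2. "install <module> /bin/false" present. Only *.conf files are read,
    #    and commented-out lines never match because field 1 starts with "#".
    if ! cat "$conf_dir"/*.conf 2>/dev/null | awk -v m="$mod" \
        '$1 == "install" && $2 == m && $3 == "/bin/false" { f = 1 } END { exit !f }'
    then
        echo "FAIL: no 'install $mod /bin/false' in $conf_dir/*.conf"; rc=1
    fi

    # 3. "blacklist <module>" present.
    if ! cat "$conf_dir"/*.conf 2>/dev/null | awk -v m="$mod" \
        '$1 == "blacklist" && $2 == m { f = 1 } END { exit !f }'
    then
        echo "FAIL: no 'blacklist $mod' in $conf_dir/*.conf"; rc=1
    fi

    if [ "$rc" -eq 0 ]; then echo "PASS: $mod is not loaded and is disabled"; fi
    return "$rc"
}

# Constructed sample data standing in for /etc/modprobe.d and /proc/modules.
demo=$(mktemp -d)
printf 'ext4 1 0 - Live 0x0\n' > "$demo/modules"
printf '\n%s\n' "install atm /bin/false" >> "$demo/60-atm.conf"
printf '\n%s\n' "blacklist atm" >> "$demo/60-atm.conf"
check_module_disabled atm "$demo" "$demo/modules" || true
rm -rf "$demo"
```

On a live system, run check_module_disabled atm with no further arguments to use /etc/modprobe.d and /proc/modules.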

See Also

https://workbench.cisecurity.org/benchmarks/23602

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7, CSCv7|9.2

Plugin: Unix

Control ID: 8cc306c308e914dfebb19005f6cc45bd375c0877924f77dfe37def4f74a6e9a7