Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-05-09 17:34:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #23 from madaidan/patch-18

Browse source 
Blacklist more uncommon network protocols
This commit is contained in:
Patrick Schleizer 2019-07-11 06:41:37 +00:00 committed by GitHub
commit a54500c6f1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
debian/control vendored
View file

@ -97,7 +97,7 @@ Description: enhances misc security settings
.
All mitigations for the MDS vulnerability are enabled.
.
DCCP, SCTP, TIPC, RDS and HDLC are blacklisted as they are rarely used and
Uncommon network protocols are blacklisted as they are rarely used and
may have unknown vulnerabilities.
.
The kernel logs are restricted to root only.

13
etc/modprobe.d/uncommon-network-protocols.conf
View file

@ -4,3 +4,16 @@ install sctp /bin/true
install rds /bin/true
install tipc /bin/true
install n-hdlc /bin/true
install ax25 /bin/true
install netrom /bin/true
install x25 /bin/true
install rose /bin/true
install decnet /bin/true
install econet /bin/true
install af_802154 /bin/true
install ipx /bin/true
install appletalk /bin/true
install psnap /bin/true
install p8023 /bin/true
install llc /bin/true
install p8022 /bin/true