Prevent the Internetwork Packet Exchange Protocol (IPX) from loading on your system by default. Potential attackers could exploit this protocol to compromise your system.

About this task

Avoid loading the Internetwork Packet Exchange (IPX) Protocol module unless it is absolutely necessary. IPX protocol is an obsolete network-layer protocol. Binding this protocol to the network stack increases the attack surface of the host. Unprivileged local processes could cause the system to dynamically load a protocol handler by using the protocol to open a socket.

Procedure

  1. Open the /etc/modprobe.conf.local file in a text editor.
  2. Ensure that the following line appears in this file.

    install ipx /bin/true

  3. Save the file and close it.