As part of your system hardening activities, prevent the Transparent Inter-Process Communication Protocol (TIPC) from loading on your virtual appliance host machines by default. Potential attackers can exploit this protocol to compromise your system.
Binding the Transparent Inter-Process Communications (TIPC) Protocol to the network stack increases the attack surface of the host. Unprivileged local processes can cause the kernel to dynamically load a protocol handler by using the protocol to open a socket.
- Open the /etc/modprobe.conf.local file in a text editor.
- Ensure that the
install tipc /bin/trueline appears in this file.
- Save the file and close it.