Prevent the Appletalk protocol from loading on vRealize appliances by default. Potential attackers might exploit this protocol to compromise your system.
About this task
Avoid loading the Appletalk Protocol module unless it is absolutely necessary. Binding this protocol to the network stack increases the attack surface of the host. Unprivileged local processes might cause the system to dynamically load a protocol handler by using the protocol to open a socket.
- Open the /etc/modprobe.conf.local file in a text editor.
- Ensure that the line
install appletalk /bin/trueappears in this file.
- Save the file and close it.