diff --git a/manifests/modules.pp b/manifests/modules.pp
index dfa64d6..4e85647 100644
--- a/manifests/modules.pp
+++ b/manifests/modules.pp
@@ -11,6 +11,7 @@ class os_hardening::modules (
 Array $disable_filesystems = ['cramfs','freevxfs','jffs2','hfs','hfsplus','squashfs','udf'],
+ Array $disable_network_protocol = ['dccp','sctp','rds','tipc'],
 ) {
 # Disable unused filesystems (os-10)
@@ -22,5 +23,12 @@
 content => template('os_hardening/disable_fs.erb'),
 }
+ file { '/etc/modprobe.d/dev-sec-net-protocols.conf':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0440',
+ content => template('os_hardening/disable_net_protocols.erb'),
+ }
 }
diff --git a/templates/disable_net_protocols.erb b/templates/disable_net_protocols.erb
new file mode 100644
index 0000000..3ce1022
--- /dev/null
+++ b/templates/disable_net_protocols.erb
@@ -0,0 +1,7 @@
+# MANAGED BY PUPPET
+# Puppet os_hardening:
+
+<% @disable_network_protocol.each do |protocol| -%>
+install <%= protocol %> /bin/true
+<% end -%>
+
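Review bot: `$disable_network_protocol` is declared as a bare `Array`, while the new template writes each element verbatim into an `install … /bin/true` line, so a non-string element or a value containing whitespace or a newline would produce a different modprobe directive than intended. Constraining the element type at the class boundary catches this at catalog compile time, for example `Array[Pattern[/\A[a-z0-9_-]+\z/]] $disable_network_protocol = ['dccp','sctp','rds','tipc'],`. The existing `$disable_filesystems` parameter has the same shape and could presumably be tightened the same way. The parameter list starts outside the hunk.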
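Review bot: The new `file { '/etc/modprobe.d/dev-sec-net-protocols.conf': }` resource has no comment, whereas the filesystem resource before it is introduced by `# Disable unused filesystems (os-10)`. A matching line such as `# Disable unused network protocols (modprobe install overrides)` would keep the two resources parallel and tell an auditor which control this file implements. The class body starts outside the hunk, so any parameter documentation in the class header is not visible here and should be checked for the new parameter as well.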
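Review bot: The header line `# Puppet os_hardening:` ends in a colon with nothing after it, so the rendered file never says what it is for. It is worth stating both the purpose and the limit of the mechanism there, since `install <module> /bin/true` only affects loads that go through modprobe and does not unload a module that is already present on a running host. A line such as `# Puppet os_hardening: block on-demand loading of unused network protocol modules (already-loaded modules stay until reboot)` would cover it. If the control is meant to take effect immediately, that needs handling outside this template.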