Automatic mounting of Universal Serial Bus (USB) mass storage driver must be disabled.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-214990	UBTU-16-010580	SV-214990r610931_rule		Medium

Description
Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Peripherals include, but are not limited to, such devices as flash drives, external storage, and printers.

STIG	Date
Canonical Ubuntu 16.04 LTS Security Technical Implementation Guide	2020-12-09

Details

Check Text ( C-16189r284838_chk )
Verify that automatic mounting of the Universal Serial Bus (USB) mass storage driver has been disabled. Check that the USB mass storage drive has not been loaded with the following command: #lsmod \| grep usb-storage If a "usb-storage" line is returned, this is a finding. Check that automatic mounting of the USB mass storage driver has been disabled with the following command: #sudo modprobe -vn usb-storage install /bin/true If “install /bin/true” is not returned, this is a finding.

Check Text ( C-16189r284838_chk )

Verify that automatic mounting of the Universal Serial Bus (USB) mass storage driver has been disabled.

Check that the USB mass storage drive has not been loaded with the following command:

#lsmod | grep usb-storage

If a "usb-storage" line is returned, this is a finding.

Check that automatic mounting of the USB mass storage driver has been disabled with the following command:

#sudo modprobe -vn usb-storage

install /bin/true

If “install /bin/true” is not returned, this is a finding.

Fix Text (F-16187r284839_fix)
Disable the mounting of the Universal Serial Bus (USB) mass storage driver by running the following command: # sudo echo “install usb-storage /bin/true” >> /etc/modprobe.d/DISASTIG.conf