The system must have USB disabled unless needed.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-22578	GEN008460	SV-38400r1_rule	ECSC-1	Low

Description
USB is a common computer peripheral interface. USB devices may include storage devices that could be used to install malicious software on a system or exfiltrate data.

STIG	Date
HP-UX 11.31 Security Technical Implementation Guide	2016-12-20

Details

Check Text ( C-36789r1_chk )
# ioscan -fnC usb If the system uses USB, this is not applicable. By default, HP-UX systems tend to use both a USB keyboard and mouse. The following sample is a section of a system ioscan output showing the discovered USB controllers and devices. Notice, there are 3 NEC USB controllers. The first 2 USB controllers are OHCI (Open Host Controller Interface) controllers for low and full speed USB 1.0 and 1.1 devices. The 3rd USB controller is an EHCI (Enhanced Host Controller Interface) controller for high speed USB 2.0 devices. The first OHCI USB controller has a keyboard, a mouse, and a mass storage device attached. The second OHCI USB controller has no devices attached. The third USB controller, EHCI, has 2 mass storage devices attached. Class I H/W Path Driver S/W State H/W Type Description ================================================================================================ Usb 0 0/0/2/0 hcd CLAIMED INTERFACE NEC OHCI Controller usbcomp 0 0/0/2/0.1 usbcomposite CLAIMED DEVICE USB Composite Device usbhid 0 0/0/2/0.1.0 hid CLAIMED DEVICE USB HID Kbd(0) usbhid 1 0/0/2/0.1.1 hid CLAIMED DEVICE USB HID Pointer(1) usbms 0 0/0/2/0.1.2 ms CLAIMED DEVICE USB Mass Storage [0] usb 1 0/0/2/1 hcd CLAIMED INTERFACE NEC OHCI Controller usb 2 0/0/2/2 ehci CLAIMED INTERFACE NEC EHCI Controller usbms 2 0/0/2/2.2 ms CLAIMED DEVICE USB Mass Storage [1] usbms 3 0/0/2/2.3 ms CLAIMED DEVICE USB Mass Storage [2] Determine if the system has USB enabled. If it does, this is a finding.

Check Text ( C-36789r1_chk )

# ioscan -fnC usb

If the system uses USB, this is not applicable. By default, HP-UX systems tend to use both a USB keyboard and mouse. The following sample is a section of a system ioscan output showing the discovered USB controllers and devices. Notice, there are 3 NEC USB controllers. The first 2 USB controllers are OHCI (Open Host Controller Interface) controllers for low and full speed USB 1.0 and 1.1 devices. The 3rd USB controller is an EHCI (Enhanced Host Controller Interface) controller for high speed USB 2.0 devices. The first OHCI USB controller has a keyboard, a mouse, and a mass storage device attached. The second OHCI USB controller has no devices attached. The third USB controller, EHCI, has 2 mass storage devices attached.

Class I H/W Path Driver S/W State H/W Type Description
================================================================================================
Usb 0 0/0/2/0 hcd CLAIMED INTERFACE NEC OHCI Controller
usbcomp 0 0/0/2/0.1 usbcomposite CLAIMED DEVICE USB Composite Device
usbhid 0 0/0/2/0.1.0 hid CLAIMED DEVICE USB HID Kbd(0)
usbhid 1 0/0/2/0.1.1 hid CLAIMED DEVICE USB HID Pointer(1)
usbms 0 0/0/2/0.1.2 ms CLAIMED DEVICE USB Mass Storage [0]
usb 1 0/0/2/1 hcd CLAIMED INTERFACE NEC OHCI Controller
usb 2 0/0/2/2 ehci CLAIMED INTERFACE NEC EHCI Controller
usbms 2 0/0/2/2.2 ms CLAIMED DEVICE USB Mass Storage [1]
usbms 3 0/0/2/2.3 ms CLAIMED DEVICE USB Mass Storage [2]

Determine if the system has USB enabled. If it does, this is a finding.

Fix Text (F-32168r1_fix)
Disable USB on the system. In doing so, remember the keyboard and mouse will no longer work.