Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-248837 | OL08-00-040080 | SV-248837r780077_rule | Medium |
Description |
---|
USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity. |
STIG | Date |
---|---|
Oracle Linux 8 Security Technical Implementation Guide | 2021-07-21 |
Check Text ( C-52271r780075_chk ) |
---|
Determine if USB mass storage is disabled with the following command: $ sudo grep usb-storage /etc/modprobe.d/* | grep -i "blacklist" | grep -v "^#" /etc/modprobe.d/blacklist.conf:blacklist usb-storage If the command does not return any output or the output is not "blacklist usb-storage", and use of USB storage devices is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding. |
Fix Text (F-52225r780076_fix) |
---|
Configure OL 8 to disable the ability to use USB mass storage devices. $ sudo vi /etc/modprobe.d/blacklist.conf Add or update the line: blacklist usb-storage |