Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-217155 | SLES-12-010580 | SV-217155r854091_rule | Medium |
Description |
---|
Without identifying devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Peripherals include but are not limited to such devices as flash drives, external storage, and printers. |
STIG | Date |
---|---|
SLES 12 Security Technical Implementation Guide | 2022-09-13 |
Check Text ( C-18383r369621_chk ) |
---|
Verify the SUSE operating system does not automount USB mass storage devices when connected to the host. Check that "usb-storage" is blacklisted in the "/etc/modprobe.d/50-blacklist.conf" file with the following command: # grep usb-storage /etc/modprobe.d/50-blacklist.conf blacklist usb-storage If nothing is output from the command, this is a finding. |
Fix Text (F-18381r369622_fix) |
---|
Configure the SUSE operating system to prevent USB mass storage devices from automounting when connected to the host. Add or update the following line to the "/etc/modprobe.d/50-blacklist.conf" file: blacklist usb-storage |