The system must have USB Mass Storage disabled unless needed.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-22579	GEN008480	SV-26970r3_rule	ECSC-1	Low

Description
USB is a common computer peripheral interface. USB devices may include storage devices that could be used to install malicious software on a system or exfiltrate data.

STIG	Date
Solaris 10 SPARC Security Technical Implementation Guide	2014-04-04

Details

Check Text ( C-27917r5_chk )
If the system needs a particular USB driver for storage, this vulnerability is not applicable. grep 'exclude: usb_ac' /etc/system grep 'exclude: usb_as' /etc/system grep 'exclude: hid' /etc/system grep 'exclude: scsa2usb' /etc/system grep 'exclude: usbprn' /etc/system grep 'exclude: usbser_edge' /etc/system If no results are returned from any particular command, this is a finding.

Fix Text (F-24232r4_fix)
Prevent the USB drivers from loading. # echo "exclude: usb_ac" >> /etc/system # echo "exclude: usb_as" >> /etc/system # echo "exclude: hid" >> /etc/system # echo "exclude: scsa2usb" >> /etc/system # echo "exclude: usbprn" >> /etc/system # echo "exclude: usbser_edge" >> /etc/system