Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-234856 | SLES-15-010480 | SV-234856r622137_rule | Medium |
Description |
---|
Without identifying devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Peripherals include but are not limited to such devices as flash drives, external storage, and printers. |
STIG | Date |
---|---|
SUSE Linux Enterprise Server 15 Security Technical Implementation Guide | 2021-06-14 |
Check Text ( C-38044r618837_chk ) |
---|
Verify the SUSE operating system does not automount USB mass storage devices when connected to the host. Check that "usb-storage" is blacklisted in the "/etc/modprobe.d/50-blacklist.conf" file with the following command: > grep usb-storage /etc/modprobe.d/50-blacklist.conf blacklist usb-storage If nothing is output from the command, this is a finding. |
Fix Text (F-38007r618838_fix) |
---|
Configure the SUSE operating system to prevent USB mass storage devices from automounting when connected to the host. Add or update the following line to the "/etc/modprobe.d/50-blacklist.conf" file: blacklist usb-storage |