Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The SUSE operating system must disable the USB mass storage kernel module.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-234856 | SLES-15-010480 | SV-234856r854202_rule | Medium |
| Description |
|---|
| Without identifying devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Peripherals include but are not limited to such devices as flash drives, external storage, and printers. |
| STIG | Date |
|---|---|
| SUSE Linux Enterprise Server 15 Security Technical Implementation Guide | 2024-02-16 |
Details
| Check Text ( C-38044r618837_chk ) |
|---|
| Verify the SUSE operating system does not automount USB mass storage devices when connected to the host. Check that "usb-storage" is blacklisted in the "/etc/modprobe.d/50-blacklist.conf" file with the following command: > grep usb-storage /etc/modprobe.d/50-blacklist.conf blacklist usb-storage If nothing is output from the command, this is a finding. |
| Fix Text (F-38007r618838_fix) |
|---|
| Configure the SUSE operating system to prevent USB mass storage devices from automounting when connected to the host. Add or update the following line to the "/etc/modprobe.d/50-blacklist.conf" file: blacklist usb-storage |