The Red Hat Enterprise Linux operating system must be configured to disable USB mass storage.

An XCCDF Rule

Description

<VulnDiscussion>USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity. Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPOS-00227</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-204449r942894_rule
Severity: Medium
References: CCI-000366 CCI-000778 CCI-001958
Updated: 8 months ago

Configure the operating system to disable the ability to use the USB Storage kernel module.

Create a file under "/etc/modprobe.d" with the following command:

     # touch /etc/modprobe.d/usb-storage.conf
Add the following line to the created file:

     install usb-storage /bin/false

Configure the operating system to disable the ability to use USB mass storage devices.

     # vi /etc/modprobe.d/blacklist.conf

Add or update the line:

     blacklist usb-storage

The Red Hat Enterprise Linux operating system must be configured to disable USB mass storage.

Description

Remediation - Manual Procedure