← Back to Riverbed NetIM OS Security Technical Implementation Guide

V-275631

CAT II (Medium)

Ubuntu OS must disable automatic mounting of Universal Serial Bus (USB) mass storage driver.

Rule ID

SV-275631r1147943_rule

STIG

Riverbed NetIM OS Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-001958 CCI-003959

Discussion

Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Peripherals include, but are not limited to, such devices as flash drives, external storage, and printers. Satisfies: SRG-OS-000378-GPOS-00163, SRG-OS-000690-GPOS-00140

Check Content

Verify Ubuntu OS disables ability to load the USB storage kernel module by using the following command: 
 
     $ grep usb-storage /etc/modprobe.d/* | grep "/bin/false" 
     /etc/modprobe.d/stig.conf:install usb-storage /bin/false 
 
If the command does not return any output, or the line is commented out, this is a finding. 
 
Verify Ubuntu OS disables the ability to use USB mass storage device. 
 
     $ grep usb-storage /etc/modprobe.d/* | grep -i "blacklist" 
     /etc/modprobe.d/stig.conf:blacklist usb-storage 
 
If the command does not return any output, or the line is commented out, this is a finding.

Fix Text

Configure Ubuntu OS to disable using the USB storage kernel module.  
 
Create and/or append a custom file under "/etc/modprobe.d/" to contain the following: 
 
     $ sudo su -c "echo install usb-storage /bin/false >> /etc/modprobe.d/stig.conf" 
 
Configure Ubuntu OS to disable the ability to use USB mass storage devices. 
 
     $ sudo su -c "echo blacklist usb-storage >> /etc/modprobe.d/stig.conf"