STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide

V-261346

CAT II (Medium)

SLEM 5 wireless network adapters must be disabled unless approved and documented.

Rule ID

SV-261346r1184409_rule

STIG

SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide

Version

V1R4

CCIs

CCI-001444CCI-001443CCI-002418

Discussion

Without protection of communications with wireless peripherals, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read, altered, or used to compromise SLEM 5. This requirement applies to wireless peripheral technologies (e.g., wireless mice, keyboards, displays, etc.) used with a SLEM 5. Wireless peripherals (e.g., Wi-Fi/Bluetooth/IR keyboards, mice, pointing devices, and Near Field Communications [NFC]) present a unique challenge by creating an open, unsecured port on a computer. Wireless peripherals must meet DOD requirements for wireless data transmission and be approved for use by the AO. Even though some wireless peripherals, such as mice and pointing devices, do not ordinarily carry information that need to be protected, modification of communications with these wireless peripherals may be used to compromise SLEM 5. Communication paths outside the physical protection of a controlled boundary are exposed to the possibility of interception and modification. Protecting the confidentiality and integrity of communications with wireless peripherals can be accomplished by physical means (e.g., employing physical barriers to wireless radio frequencies) or by logical means (e.g., employing cryptographic techniques). If physical means of protection are employed, then logical means (cryptography) do not have to be employed, and vice versa. If the wireless peripheral is only passing telemetry data, encryption of the data may not be required.

Check Content

Verify SLEM 5 has no wireless network adapters enabled.

Check the status of all network devices with this command:
    > nmcli device status
    DEVICE  TYPE      STATE      CONNECTION
    eth0    ethernet  connected  Wired connection 1
    lo      loopback  unmanaged  --

If there is a device listed with a type of "wifi", and it is not documented and approved as an operational requirement with the authorizing official (AO), this is a finding.

Check the status of the software switches with the following command:
    > nmcli radio
    WIFI-HW  WIFI      WWAN-HW  WWAN
    missing  disabled  missing  disabled

If any wireless devices are "enabled" that are not documented and approved as an operational requirement with the AO, this is a finding.

Fix Text

Configure SLEM 5 to disable all wireless network interfaces.

Run "nmcli device status" and note the device name from the DEVICE column for any wireless devices (e.g., wlan0).

Set the device to unmanaged using the device name:
    > sudo nmcli device set wlan0 managed no

Set the software switches to "off" with the following commands:
    > sudo nmcli radio wwan off
    > sudo nmcli radio wifi off