Check: GEN008480
AIX 5.3 STIG:
GEN008480
(in version v1 r3)
Title
The system must have USB Mass Storage disabled unless needed. (Cat III impact)
Discussion
USB is a common computer peripheral interface. USB devices may include storage devices that could be used to install malicious software on a system or exfiltrate data.
Check Content
If the system uses USB mass storage, this is not applicable. # lslpp -l | grep -e devices.usbif.010100 -e devices.usbif.08025 -e devices.usbif.080400 If these filesets are installed on the system, USB mass storage is enabled and this is a finding.
Fix Text
Disable USB mass storage on the system by using SMIT to remove the following filesets. devices.usbif.010100 devices.usbif.08025002 devices.usbif.080400 # smitty remove
Additional Identifiers
Rule ID: SV-38834r1_rule
Vulnerability ID: V-22579
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |