Check: AOSX-10-000065
Apple OS X 10-10 Workstation STIG:
AOSX-10-000065
(in versions v1 r5 through v1 r4)
Title
The Bluetooth software driver must be removed. (Cat III impact)
Discussion
The Bluetooth kernel extension must be removed, as wireless access introduces unnecessary security risks. Removing Bluetooth support entirely mitigates this risk.
Check Content
If Bluetooth connectivity is required to facilitate use of approved external devices, this is not applicable. To check if there are any hardware components for Bluetooth loaded in the system, run the following command: sudo kextstat | grep -i bluetooth If there is a result, this is a finding.
Fix Text
Removing the kernel extensions for Bluetooth will remove the system's ability to load Bluetooth devices, use the following commands to remove them: sudo rm -rf /System/Library/Extensions/IOBluetoothFamily.kext /System/Library/Extensions/IOBluetoothHIDDriver.kext; sudo touch /System/Library/Extensions
Additional Identifiers
Rule ID: SV-73969r1_rule
Vulnerability ID: V-59539
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |