Check: GEN007841
HP-UX 11.31 STIG:
GEN007841
(in versions v1 r19 through v1 r13)
Title
Wireless network adapters must be disabled. (Cat II impact)
Discussion
The use of wireless networking can introduce many different attack vectors into the organization’s network. Common attack vectors such as malicious association and ad hoc networks will allow an attacker to spoof a wireless access point (AP), allowing validated systems to connect to the malicious AP and enabling the attacker to monitor and record network traffic. These malicious APs can also serve to create a man-in-the-middle attack or be used to create a denial of service to valid network resources.
Check Content
This is N/A for systems that do not have wireless network adapters. Verify that there are no wireless interfaces configured on the system: # nwmgr Note: This command will produce a list of interfaces that are configured on the host. With the assistance of the System Administrator, identify any wireless interfaces listed in the output of the above command. If a wireless interface is configured, it must be documented and approved by the local Authorizing Official. If a wireless interface is configured and has not been documented and approved, this is a finding.
Fix Text
Configure the system to disable all wireless network interfaces.
Additional Identifiers
Rule ID: SV-87463r1_rule
Vulnerability ID: V-72819
Group Title: GEN007841
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001443 |
The information system protects wireless access to the system using authentication of users and/or devices. |
CCI-001444 |
The information system protects wireless access to the system using encryption. |
CCI-002418 |
The information system protects the confidentiality and/or integrity of transmitted information. |