Check: OL6-00-000331
Oracle Linux 6 STIG:
OL6-00-000331
(in versions v2 r7 through v1 r9)
Title
The Bluetooth service must be disabled. (Cat II impact)
Discussion
Disabling the "bluetooth" service prevents the system from attempting connections to Bluetooth devices, which entails some security risk. Nevertheless, variation in this risk decision may be expected due to the utility of Bluetooth connectivity and its limited range.
Check Content
To check that the "bluetooth" service is disabled in system boot configuration, run the following command: # chkconfig "bluetooth" --list Output should indicate the "bluetooth" service has either not been installed or has been disabled at all runlevels, as shown in the example below: # chkconfig "bluetooth" --list "bluetooth" 0:off 1:off 2:off 3:off 4:off 5:off 6:off If the service is configured to run, this is a finding.
Fix Text
The "bluetooth" service can be disabled with the following command: # chkconfig bluetooth off # service bluetooth stop
Additional Identifiers
Rule ID: SV-219581r793838_rule
Vulnerability ID: V-219581
Group Title: SRG-OS-000095
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000085 |
The organization monitors for unauthorized connections of mobile devices to organizational information systems. |
CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |