Check: RHEL-06-000331
Red Hat Enterprise Linux 6 STIG:
RHEL-06-000331
(in versions v2 r2 through v1 r14)
Title
The Bluetooth service must be disabled. (Cat II impact)
Discussion
Disabling the "bluetooth" service prevents the system from attempting connections to Bluetooth devices, which entails some security risk. Nevertheless, variation in this risk decision may be expected due to the utility of Bluetooth connectivity and its limited range.
Check Content
To check that the "bluetooth" service is disabled in system boot configuration, run the following command: # chkconfig "bluetooth" --list Output should indicate the "bluetooth" service has either not been installed or has been disabled at all runlevels, as shown in the example below: # chkconfig "bluetooth" --list "bluetooth" 0:off 1:off 2:off 3:off 4:off 5:off 6:off If the service is configured to run, this is a finding.
Fix Text
The "bluetooth" service can be disabled with the following command: # chkconfig bluetooth off # service bluetooth stop
Additional Identifiers
Rule ID: SV-218064r603264_rule
Vulnerability ID: V-218064
Group Title: SRG-OS-000095
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000085 |
The organization monitors for unauthorized connections of mobile devices to organizational information systems. |
| CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
| CCI-000382 |
The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services. |
Controls
| Number | Title |
|---|---|
| CM-7 |
Least Functionality |