Check: RHEL-07-041010
Red Hat Enterprise Linux 7 STIG:
RHEL-07-041010
(in versions v3 r14 through v1 r1)
Title
The Red Hat Enterprise Linux operating system must be configured so that all wireless network adapters are disabled. (Cat II impact)
Discussion
The use of wireless networking can introduce many different attack vectors into the organization's network. Common attack vectors such as malicious association and ad hoc networks will allow an attacker to spoof a wireless access point (AP), allowing validated systems to connect to the malicious AP and enabling the attacker to monitor and record network traffic. These malicious APs can also serve to create a man-in-the-middle attack or be used to create a denial of service to valid network resources.
Check Content
Verify that there are no wireless interfaces configured on the system. This is N/A for systems that do not have wireless network adapters. Check for the presence of active wireless interfaces with the following command: # nmcli device DEVICE TYPE STATE eth0 ethernet connected wlp3s0 wifi disconnected lo loopback unmanaged If a wireless interface is configured and its use on the system is not documented with the Information System Security Officer (ISSO), this is a finding.
Fix Text
Configure the system to disable all wireless network interfaces with the following command: #nmcli radio wifi off
Additional Identifiers
Rule ID: SV-204634r877465_rule
Vulnerability ID: V-204634
Group Title: SRG-OS-000424-GPOS-00188
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001443 |
The information system protects wireless access to the system using authentication of users and/or devices. |
| CCI-001444 |
The information system protects wireless access to the system using encryption. |
| CCI-002418 |
The information system protects the confidentiality and/or integrity of transmitted information. |