An error occurred:

Check: WIR0180

WLAN Client STIG (STIG): WIR0180 (in version v6 r9)

Title

Laptops with WLAN interfaces must have the WLAN card radio set to OFF as the default setting. (Cat II impact)

Discussion

Laptop computers with wireless interfaces particularly susceptible to the Windows XP wireless vulnerabilities. If a user has an active wireless interface with security disabled, a hacker could connect to the laptop without the user being aware of the connection. Most laptop vendors provide a software utility to manage WLAN connections for the embedded wireless interfaces. The utility usually provides a feature that allows a laptop user to turn off the WLAN radio.

Check Content

NOTE: This requirement does not apply to tactical WLAN systems where the WLAN client is configured to connect to only specific tactical access point(s). Have the SA or IAO demonstrate the configuration of the WLAN interface in the interface's management utility. 1. Observe that the interface is set to off by default upon boot-up of the WLAN client device. 2. Verify this is standard practice by checking a sample of WLAN laptops/PDAs (at least 2-3 should be checked). Laptops can be checked by verifying the status of the wireless interface upon boot-up in each profile used on the laptop. 3. Verify users have been trained on this requirement by reviewing the site training records and the signed User Agreement. 4. Mark as a finding any of the following is found: - The WLAN radio functionality (transmit/receive setting) is enabled upon system boot. - If the WLAN interface management utility does not provide the ability to set the radio to OFF by default. - Users have not received required training on how to disable a wireless interface.

Fix Text

Change the default setting on each WLAN interface to OFF and train users on how to disable wireless interfaces after they are no longer in use.

Additional Identifiers

Rule ID: SV-4632r1_rule

Vulnerability ID: V-4632

Group Title: Default OFF setting on wireless interfaces

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
No CCIs are assigned to this check

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check