Check: WIR0170
WMAN Subscriber STIG (STIG):
WIR0170
(in version v6 r8)
Title
A device’s wired network interfaces (e.g., Ethernet) must be disconnected or otherwise disabled when wireless connections are in use. (Cat II impact)
Discussion
If a client device supports simultaneous use of wireless and wired connections, then this increases the probability that an adversary who can access the device using its wireless interface can then route traffic through the device’s wired interface to attack devices on the wired network or obtain sensitive DoD information.
Check Content
Review client devices and verify that there is some technical procedure to disable the wireless network interface when the wired network interface is active (e.g., connected to a network via an Ethernet cable). Examples of compliant implementations: - Client side connection management software products have configuration settings that disable wireless connections when a wired connection is active. - Microsoft Windows hardware profiles can be created that disable assigned wireless network interfaces when the Ethernet connection is active. To check compliance, select a sample of devices (3-4), and establish a network connection using the wireless interface. Test that the wireless interface is active using a command line utility such as ifconfig (UNIX/Linux), or ipconfig (Windows), or management tools such as Network Connections within the Windows Control Panel. Then plug the device into an active Ethernet port (or other wired network). Repeat the process used to check that the connection was active to verify it is now disabled. Mark as a finding if one or more of the tested devices do not disable the wireless interface upon connection to a wired network. Also mark as finding if the device does not have the capability to disable the wireless interface when the wired interface is active.
Fix Text
Ensure the wired network interfaces on a WLAN client are disconnected or otherwise disabled when wireless network connections are in use.
Additional Identifiers
Rule ID: SV-14613r2_rule
Vulnerability ID: V-14002
Group Title: Simultaneous use of wired and wireless interfaces
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |