Details

Removable media such as CD/DVDs allow a path for malware to be introduced to a Linux System. It is imperative to protect Linux systems from malware introduced from removable media by ensuring they are scanned before use.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Create procedures, or add to existing system administration procedures, which require the scanning of all media used for system maintenance before media is used.

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_McAfee_VSEL_1-9_2-0_Y20M04_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Maintenance.This control applies to the following type of system Unix.

References

• 800-53|MA-3(2)
• CAT|II
• CCI|CCI-000870
• Rule-ID|SV-77553r1_rule
• STIG-ID|DTAVSEL-200
• Vuln-ID|V-63063

Source

• Tenable.com/audits