1.1.24 Disable USB Storage - lsmod


USB storage provides a means to transfer and store files insuring persistence and availability of the files independent of network connection status. Its popularity and utility has led to USB-based malware being a simple and common means for network infiltration and a first step to establishing a persistent threat within a networked environment.

Note: An alternative solution to disabling the usb-storage module may be found in USBGuard. Use of USBGuard and construction of USB device policies should be done in alignment with site policy.


Restricting USB access on the system will decrease the physical attack surface for a device and diminish the possible vectors to introduce malware.


Edit or create a file in the /etc/modprobe.d/ directory ending in .conf
Example: vi /etc/modprobe.d/usb_storage.conf
and add the following line:

install usb-storage /bin/true

Run the following command to unload the usb-storage module:

rmmod usb-storage

See Also


Item Details


References: 800-53|CM-7b.

Plugin: Unix

Control ID: c3bd59f030974b4ea8df5b13d327feae216449e5281f26305846307c1310de6e