GEN008460 - The system must have USB disabled unless needed - 'lslpp'

Information

USB is a common computer peripheral interface. USB devices may include storage devices that could be used to install malicious software on a system or exfiltrate data.

Solution

Disable USB devices on the system. Use SMIT to remove the following filesets.
devices.usbif.*
# smitty remove

See Also

http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|III, CCI|CCI-000366, Rule-ID|SV-38833r1_rule, STIG-ID|GEN008460, Vuln-ID|V-22578

Plugin: Unix

Control ID: a730d1f11321a56a1e387ee47c2ed5d7d6d1a2cb94fe1b6df312fca145d34e09