SV-217298r603262_rule
V-217298
SRG-OS-000299-GPOS-00117
SLES-12-030450
CAT II
10
Configure the SUSE operating system to disable all wireless network interfaces with the following command:
For each interface of type wireless, bring the interface into "down" state:
# wicked ifdown wlan0
For each interface of type wireless with a configuration of type "compat:suse:", remove the associated file:
# rm /etc/sysconfig/network/ifcfg-wlan0
For each interface of type wireless, for each configuration of type "wicked:xml:", remove the associated file or remove the interface configuration from the file.
# rm /etc/wicked/ifconfig/wlan0.xml
Verify that the SUSE operating system has no wireless network adapters enabled.
Check that there are no wireless interfaces configured on the system with the following command:
# wicked show all
lo up
link: #1, state up
type: loopback
config: compat:suse:/etc/sysconfig/network/ifcfg-lo
leases: ipv4 static granted
leases: ipv6 static granted
addr: ipv4 127.0.0.1/8 [static]
addr: ipv6 ::1/128 [static]
eth0 up
link: #2, state up, mtu 1500
type: ethernet, hwaddr 06:00:00:00:00:01
config: compat:suse:/etc/sysconfig/network/ifcfg-eth0
leases: ipv4 dhcp granted
leases: ipv6 dhcp granted, ipv6 auto granted
addr: ipv4 10.0.0.100/16 [dhcp]
route: ipv4 default via 10.0.0.1 proto dhcp
wlan0 up
link: #3, state up, mtu 1500
type: wireless, hwaddr 06:00:00:00:00:02
config: wicked:xml:/etc/wicked/ifconfig/wlan0.xml
leases: ipv4 dhcp granted
addr: ipv4 10.0.0.101/16 [dhcp]
route: ipv4 default via 10.0.0.1 proto dhcp
If a wireless interface is configured it must be documented and approved by the local Authorizing Official.
If a wireless interface is configured and has not been documented and approved, this is a finding.
V-217298
False
SLES-12-030450
Verify that the SUSE operating system has no wireless network adapters enabled.
Check that there are no wireless interfaces configured on the system with the following command:
# wicked show all
lo up
link: #1, state up
type: loopback
config: compat:suse:/etc/sysconfig/network/ifcfg-lo
leases: ipv4 static granted
leases: ipv6 static granted
addr: ipv4 127.0.0.1/8 [static]
addr: ipv6 ::1/128 [static]
eth0 up
link: #2, state up, mtu 1500
type: ethernet, hwaddr 06:00:00:00:00:01
config: compat:suse:/etc/sysconfig/network/ifcfg-eth0
leases: ipv4 dhcp granted
leases: ipv6 dhcp granted, ipv6 auto granted
addr: ipv4 10.0.0.100/16 [dhcp]
route: ipv4 default via 10.0.0.1 proto dhcp
wlan0 up
link: #3, state up, mtu 1500
type: wireless, hwaddr 06:00:00:00:00:02
config: wicked:xml:/etc/wicked/ifconfig/wlan0.xml
leases: ipv4 dhcp granted
addr: ipv4 10.0.0.101/16 [dhcp]
route: ipv4 default via 10.0.0.1 proto dhcp
If a wireless interface is configured it must be documented and approved by the local Authorizing Official.
If a wireless interface is configured and has not been documented and approved, this is a finding.
M
4033