3.1.3 Ensure bluetooth services are not in use

Information

Bluetooth is a short-range wireless technology standard that is used for exchanging data between devices over short distances. It employs UHF radio waves in the ISM bands, from 2.402 GHz to 2.48 GHz. It is mainly used as an alternative to wire connections.

An attacker may be able to find a way to access or corrupt your data. One example of this type of activity is bluesnarfing which refers to attackers using a Bluetooth connection to steal information off of your Bluetooth device. Also, viruses or other malicious code can take advantage of Bluetooth technology to infect other devices. If you are infected, your data may be corrupted, compromised, stolen, or lost.

Solution

Run the following commands to stop bluetooth.service and remove the bluez package:

# systemctl stop bluetooth.service
# apt purge bluez

- OR -

- IF - the bluez package is required as a dependency:

Run the following commands to stop and mask bluetooth.service :

# systemctl stop bluetooth.service
# systemctl mask bluetooth.service

Note: A reboot may be required

Impact:

Many personal electronic devices (PEDs) use Bluetooth technology. For example, you may be able to operate your computer with a wireless keyboard. Disabling Bluetooth will prevent these devices from connecting to the system.

There may be packages that are dependent on the bluez package. If the bluez package is removed, these dependent packages will be removed as well. Before removing the bluez package, review any dependent packages to determine if they are required on the system.

-IF- a dependent package is required: stop and mask bluetooth.service leaving the bluez package installed.

See Also

https://workbench.cisecurity.org/benchmarks/17074

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, 800-53|CM-7, CSCv7|9.2

Plugin: Unix

Control ID: 6ba11d5a2a8a77eb9277d003e3ea26e4076d22e22bbcc3ec6a670529801a8f99