PHTN-67-000002 - The Photon operating system must automatically lock an account when three unsuccessful logon attempts occur.

Gavin M. Dennis

22 April 2022 15:05

Details

By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.

Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128

Solution

Open /etc/pam.d/system-auth with a text editor.

Add the following line after the last auth statement:

auth required pam_tally2.so file=/var/log/tallylog deny=3 onerr=fail even_deny_root unlock_time=86400 root_unlock_time=300

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

800-53|AC-7a.
800-53|AC-7b.
CAT|II
CCI|CCI-000044
CCI|CCI-002238
Rule-ID|SV-239074r675030_rule
STIG-ID|PHTN-67-000002
Vuln-ID|V-239074

Source

Tenable.com/audits

PS. Before you go.

Request a quote to protect your organisation from cyber attacks and breaches.

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section