
The network element must be configured for a maximum number of unsuccessful SSH login attempts set at 3 before resetting the interface.


Overview

Finding ID: V-5613
Version: NET1646
Rule ID: SV-5613r2_rule
IA Controls: ECSC-1
Severity: Medium
Description
An attacker may attempt to connect to the device using SSH by guessing the authentication method and the authentication key or shared secret. Setting the authentication retry to 3 or less strengthens the device against a brute-force attack.
STIG Date
Firewall Security Technical Implementation Guide - Cisco 2013-10-08

Details

Check Text (C-3538r4_chk)
Review the configuration and verify the number of unsuccessful SSH login attempts is set at 3.
Fix Text (F-5524r7_fix)
Configure the network element to allow a maximum of 3 unsuccessful SSH login attempts.
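
One way to automate the check above against a saved configuration file, as an added example that is not part of the STIG. It assumes Cisco IOS syntax (`ip ssh authentication-retries <n>`), which this page does not name; the function name and sample configurations are constructed, and values of 3 or less pass, per the Description.

```python
import re

MAX_RETRIES = 3  # limit stated in finding V-5613

# Assumption: Cisco IOS syntax; the STIG page itself does not name the command.
_RETRY_RE = re.compile(r"^\s*ip ssh authentication-retries\s+(\d+)\s*$",
                       re.MULTILINE)


def check_ssh_retries(config_text, max_retries=MAX_RETRIES):
    """Audit a saved configuration for the SSH retry limit.

    Returns (status, value): status is "PASS", "FAIL", or "NOT_SET" when
    no explicit line exists (manual review needed, because a default
    value may not be written into the saved configuration).
    """
    # Drop "!" comment lines so a commented-out setting is not counted.
    active = "\n".join(line for line in config_text.splitlines()
                       if not line.lstrip().startswith("!"))
    values = [int(v) for v in _RETRY_RE.findall(active)]
    if not values:
        return ("NOT_SET", None)
    worst = max(values)  # judge by the most permissive value found
    return ("PASS" if worst <= max_retries else "FAIL", worst)


# Constructed sample configurations (not taken from any real device).
SAMPLE_COMPLIANT = """\
hostname fw-edge-01
ip ssh version 2
ip ssh authentication-retries 3
"""
SAMPLE_TOO_HIGH = """\
hostname fw-edge-02
ip ssh authentication-retries 5
"""
SAMPLE_MISSING = """\
hostname fw-edge-03
! ip ssh authentication-retries 5
ip ssh version 2
"""

if __name__ == "__main__":
    for name, cfg in [("compliant", SAMPLE_COMPLIANT),
                      ("too high", SAMPLE_TOO_HIGH),
                      ("missing", SAMPLE_MISSING)]:
        print(name, check_ssh_retries(cfg))
```

A "NOT_SET" result is reported separately from "FAIL" so the reviewer can confirm the effective value on the device itself.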