Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Upon successful login, the firewall implementation must notify the user of the number of unsuccessful login attempts since the last successful login.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000049-FW-000040 | SRG-NET-000049-FW-000040 | SRG-NET-000049-FW-000040_rule | Low |
| Description |
|---|
| Providing users with information regarding the date and time of their last successful login allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. Without this information, the user may not become aware that unauthorized activity has occurred. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2012-12-10 |
Details
| Check Text ( C-SRG-NET-000049-FW-000040_chk ) |
|---|
| Initiate a failed login attempt using the target user's account followed by a successful attempt for the same user account. If the number of unsuccessful login attempts since the last successful login is not displayed, this is a finding. |
| Fix Text (F-SRG-NET-000049-FW-000040_fix) |
|---|
| Configure the firewall implementation to display the number of unsuccessful login attempts since the last successful login. |