Upon successful logon, the IDPS must display, to the user, the number of unsuccessful logon attempts since the last successful logon.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000049-IDPS-000065 | SRG-NET-000049-IDPS-000065 | SRG-NET-000049-IDPS-000065_rule | Low |
| Description |
|---|
| Providing users with information regarding the number of unsuccessful logon attempts since the last successful login. Without this information, the user may not become aware that unauthorized activity has occurred. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43193_chk ) |
|---|
| Have the administrator connect to the management console using the GUI. Note if the number of unsuccessful logon attempts since the last successful logon is displayed. Have the administrator connect to the maintenance console using the SSH interface. Note if the number of unsuccessful logon attempts since the last successful logon is displayed. If the number of unsuccessful logon attempts since the last successful logon is not displayed, this is a finding. |
| Fix Text (F-43193_fix) |
|---|
| Configure the IDPS management console GUI and SSH interface to display the number of unsuccessful logon attempts since the last successful logon |