UCF STIG Viewer Logo

Upon successful logon, the IDPS must display, to the user, the number of unsuccessful logon attempts since the last successful logon.


Overview

Finding ID Version Rule ID IA Controls Severity
V-34516 SRG-NET-000049-IDPS-00043 SV-45358r1_rule Low
Description
Providing users with information regarding the date and time of their last successful login allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. Without this information, the user may not become aware that unauthorized activity has occurred.
STIG Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide 2012-11-19

Details

Check Text ( C-42706r1_chk )
Initiate a failed logon attempt using the target user's account followed by a successful attempt for the same user account.

If the number of unsuccessful logon attempts since the last successful logon is not displayed, this is a finding.
Fix Text (F-38754r1_fix)
Configure the IDPS management console GUI and SSH interface to display the number of unsuccessful logon attempts since the last successful logon.