Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The network element must be configured for a maximum number of unsuccessful SSH login attempts set at 3 before resetting the interface.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-5613 | NET1646 | SV-15458r2_rule | Medium |
| Description |
|---|
| An attacker may attempt to connect to the device using SSH by guessing the authentication method and authentication key or shared secret. Setting the authentication retry to 3 or less strengthens against a Brute Force attack. |
| STIG | Date |
|---|---|
| Perimeter Router Security Technical Implementation Guide Cisco | 2017-06-27 |
Details
| Check Text ( C-12923r2_chk ) |
|---|
| Review the configuration and verify the number of unsuccessful SSH login attempts is set at 3. ip ssh authentication-retries 3 |
| Fix Text (F-5524r9_fix) |
|---|
| Configure the network device to require a maximum number of unsuccessful SSH logon attempts at 3. |