Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-216338 | SOL-11.1-040190 | SV-216338r603267_rule | Medium |
Description |
---|
The use of common words in passwords simplifies password-cracking attacks. |
STIG | Date |
---|---|
Solaris 11 SPARC Security Technical Implementation Guide | 2024-02-02 |
Check Text ( C-17574r371102_chk ) |
---|
Check /etc/default/passwd for dictionary check configuration. # grep ^DICTION /etc/default/passwd If the DICTIONLIST or DICTIONDBDIR settings are not present and are not set to: DICTIONLIST=/usr/share/lib/dict/words DICTIONDBDIR=/var/passwd this is a finding. Determine if the target files exist. # ls -l /usr/share/lib/dict/words /var/passwd If the files defined by DICTIONLIST or DICTIONBDIR are not present or are empty, this is a finding. |
Fix Text (F-17572r371103_fix) |
---|
The root role is required. # pfedit /etc/default/passwd Insert the lines: DICTIONLIST=/usr/share/lib/dict/words DICTIONDBDIR=/var/passwd Generate the password dictionary by running the mkpwdict command. # mkpwdict -s /usr/share/lib/dict/words |