Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-48053 | SOL-11.1-040190 | SV-60925r1_rule | Medium |
Description |
---|
The use of common words in passwords simplifies password-cracking attacks. |
STIG | Date |
---|---|
Solaris 11 X86 Security Technical Implementation Guide | 2016-06-29 |
Check Text ( C-50485r1_chk ) |
---|
Check /etc/default/passwd for dictionary check configuration. # grep ^DICTION /etc/default/passwd If the DICTIONLIST or DICTIONDBDIR settings are not present and are not set to: DICTIONLIST=/usr/share/lib/dict/words DICTIONDBDIR=/var/passwd this is a finding. Determine if the target files exist. # ls -l /usr/share/lib/dict/words /var/passwd If the files defined by DICTIONLIST or DICTIONBDIR are not present or are empty, this is a finding. |
Fix Text (F-51661r1_fix) |
---|
The root role is required. # pfedit /etc/default/passwd Insert the lines: DICTIONLIST=/usr/share/lib/dict/words DICTIONDBDIR=/var/passwd Generate the password dictionary by running the mkpwdict command. # mkpwdict -s /usr/share/lib/dict/words |