The LILO Boot Loader password is not encrypted.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-12036 | LNX00200 | SV-12537r2_rule | IAIA-1 IAIA-2 | High |
| Description |
|---|
| On newer linux systems, the lilo password can be hashed in a separate file. To determine if the lilo password is encrypted perform the following: # grep password /etc/lilo.conf If the returned line contains password=””, then perform the following: # more /etc/lilo.conf.crc If the file does not exist, this is a finding. |
| STIG | Date |
|---|---|
| VMware ESX 3 Server | 2016-05-13 |
Details
| Check Text ( C-7999r2_chk ) |
|---|
| On newer Linux systems, the LILO password can be hashed in a separate file. To determine if the LILO password is encrypted perform the following: # grep password /etc/lilo.conf If the returned line contains password=””, then perform the following: # more /etc/lilo.conf.crc If the system uses the LILO boot loader, and the file does not exist, this is a finding. |
| Fix Text (F-11293r2_fix) |
|---|
| Configure LILO for encrypted passwords. |