Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-89875 | VRAU-SL-001525 | SV-100525r1_rule | Medium |
Description |
---|
Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account. |
STIG | Date |
---|---|
VMware vRealize Automation 7.x SLES Security Technical Implementation Guide | 2018-10-12 |
Check Text ( C-89567r1_chk ) |
---|
Verify the SLES for vRealize enforces a delay of at least "4" seconds between logon prompts following a failed logon attempt. Verify the use of the "pam_faildelay" module. # grep pam_faildelay /etc/pam.d/common-auth* The typical configuration looks something like this: #delay is in micro seconds auth required pam_faildelay.so delay=4000000 If the line is not present, this is a finding. |
Fix Text (F-96617r2_fix) |
---|
Configure the SLES for vRealize to enforce a delay of at least "4" seconds between logon prompts following a failed logon attempt with the following command: # sed -i "/^[^#]*pam_faildelay.so/ c\auth required pam_faildelay.so delay=4000000" /etc/pam.d/common-auth-vmware.local |