Check: OSX8-00-00200
Apple OSX 10.8 STIG:
OSX8-00-00200
(in version v1 r2)
Title
The operating system, upon successful logon, must display to the user the date and time of the last logon (access). (Cat II impact)
Discussion
Users need to be aware of activity that occurs regarding their account. Providing users with information regarding the date and time of their last successful login allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators.
Check Content
To see if SSH is configured to display the last login information, run the following command: grep ^PrintLastLog /etc/sshd_config | awk '{ print $2 }' If there is no result returned, or is "no", this is a finding.
Fix Text
To set the SSH server to print the last login information, run the following command: sudo sed -i.bak 's/.*PrintLastLog.*/PrintLastLog yes/' /etc/sshd_config
Additional Identifiers
Rule ID: SV-65669r1_rule
Vulnerability ID: V-51459
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000052 |
The information system notifies the user, upon successful logon (access) to the system, of the date and time of the last logon (access). |
Controls
Number | Title |
---|---|
AC-9 |
Previous Logon (Access) Notification |