Check: NET1646
Network - Firewall:
NET1646
(in versions v8 r25 through v8 r21)
Title
The network device must be configured for a maximum number of unsuccessful SSH logon attempts set at 3 before resetting the interface. (Cat II impact)
Discussion
An attacker may attempt to connect to the device over SSH by guessing the authentication method and the authentication key or shared secret. Setting the authentication retry limit to 3 or less strengthens the device against a brute-force attack.
Check Content
Review the configuration and verify the number of unsuccessful SSH logon attempts is set at 3. If the device is not configured to reset unsuccessful SSH logon attempts at 3, this is a finding.
Fix Text
Configure the network device to allow a maximum of 3 unsuccessful SSH logon attempts.
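One way to automate the review described under Check Content, as an added example that is not part of the original check. It assumes Cisco IOS-style syntax (`ip ssh authentication-retries <n>`); the function names and the sample configurations are constructed for illustration.

```python
import re

REQUIRED = 3  # value NET1646 asks for

# Assumed syntax (Cisco IOS style): "ip ssh authentication-retries <n>"
SETTING = re.compile(r"^(no\s+)?ip\s+ssh\s+authentication-retries(?:\s+(\d+))?$", re.I)

def audit_ssh_retries(config_text):
    """Classify one configuration as ("pass" | "finding" | "review", detail)."""
    effective = None  # last explicit value seen; later lines override earlier ones
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):   # blank or comment line
            continue
        m = SETTING.match(line)
        if not m:
            continue
        if m.group(1) or m.group(2) is None:   # "no ..." form, or no number given
            effective = None
        else:
            effective = int(m.group(2))
    if effective is None:
        return ("review", "no explicit retry limit; confirm the platform's effective value")
    if effective > REQUIRED:
        return ("finding", f"retry limit is {effective}, above {REQUIRED}")
    if effective < REQUIRED:
        return ("review", f"retry limit is {effective}; Check Content says {REQUIRED}, "
                          f"Discussion says {REQUIRED} or less")
    return ("pass", f"retry limit is {REQUIRED}")

# Constructed sample configurations, not taken from any real device.
SAMPLES = {
    "fw-a": "hostname fw-a\nip ssh version 2\nip ssh authentication-retries 3\n",
    "fw-b": "hostname fw-b\nip ssh authentication-retries 5\n",
    "fw-c": "hostname fw-c\n! ip ssh authentication-retries 3\nip ssh version 2\n",
    "fw-d": "hostname fw-d\nip ssh authentication-retries 3\nip ssh authentication-retries 2\n",
}

def audit_all(samples=SAMPLES):
    """Return {device name: status} for every sample configuration."""
    return {name: audit_ssh_retries(cfg)[0] for name, cfg in samples.items()}

if __name__ == "__main__":
    for name, cfg in SAMPLES.items():
        print(name, *audit_ssh_retries(cfg))
```

A "review" result means the configuration text alone does not settle the check and the device's effective value has to be confirmed by hand.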
Additional Identifiers
Rule ID:
Vulnerability ID: V-5613
Group Title:
CCIs
No CCIs are assigned to this check.
Controls
Controls tied to a check are derived from its CCIs. No controls are assigned to this check.