Check: GEN002640
SUSE Linux Enterprise Server v11 for System z STIG:
GEN002640
(in versions v1 r12 through v1 r9)
Title
Default system accounts must be disabled or removed. (Cat II impact)
Discussion
Vendor accounts and software may contain backdoors allowing unauthorized access to the system. These backdoors are common knowledge and present a threat to system security if the account is not disabled.
Check Content
Determine if default system accounts (such as those for sys, bin, uucp, nuucp, daemon, smtp) have been disabled.
# cat /etc/shadow
If an account's password field is "*", "*LK*", or is prefixed with a '!', the account is locked or disabled. If there are any unlocked default system accounts this is a finding.
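The manual check above can be scripted. The following is an added example, not part of the STIG text: it applies the three locked-field rules to the accounts named in the check. The function names, the account list variable and the sample shadow entries are constructed for illustration.

```shell
#!/bin/sh
# Accounts named in the check text; extend per site policy (assumption).
DEFAULT_ACCOUNTS="sys bin uucp nuucp daemon smtp"

# unlocked_defaults FILE ("-" = stdin): print each listed account whose
# password field is NOT "*", "*LK*", or prefixed with "!".
unlocked_defaults() {
    awk -F: -v list="$DEFAULT_ACCOUNTS" '
        BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
        !($1 in want) { next }          # only audit the default accounts
        {
            pw = $2
            if (pw == "*" || pw == "*LK*" || substr(pw, 1, 1) == "!") next
            print $1                    # usable hash or empty field: unlocked
        }
    ' "$1"
}

# audit_shadow FILE: report the result and return non-zero on a finding.
audit_shadow() {
    findings=$(unlocked_defaults "$1")
    if [ -n "$findings" ]; then
        echo "FINDING (GEN002640): unlocked default accounts:" $findings
        return 1
    fi
    echo "PASS: listed default accounts are locked or disabled"
}

# Constructed sample in /etc/shadow format (hashes are placeholders).
sample_shadow() {
cat <<'EOF'
root:$6$constructedsalt$constructedhash:15000:0:99999:7:::
bin:*:15000:0:99999:7:::
daemon:!:15000::::::
sys:*LK*:15000::::::
uucp:$6$constructedsalt$constructedhash:15000::::::
nuucp::15000::::::
smtp:!$6$constructedsalt$constructedhash:15000::::::
EOF
}

# Demo run on the constructed sample; on a real host run as root:
#   audit_shadow /etc/shadow
sample_shadow | audit_shadow - || true
```

An empty password field (nuucp in the sample) matches none of the locked patterns, so it is reported as a finding along with accounts that carry a usable hash.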
Fix Text
Lock the default system account(s).
# passwd -l <user>
Additional Identifiers
Rule ID: SV-45206r1_rule
Vulnerability ID: V-810
Group Title: GEN002640
CCIs
Number | Definition |
---|---|
CCI-000178 | The organization manages information system authenticators for users and devices by changing default content of authenticators upon information system installation. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |