Check: PHTN-67-000076
VMware vSphere 6.7 Photon OS STIG:
PHTN-67-000076
(in versions v1 r6 through v1 r1)
Title
The Photon operating system must set the FAIL_DELAY parameter. (Cat II impact)
Discussion
Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.
Check Content
At the command line, execute the following command: # grep FAIL_DELAY /etc/login.defs Expected result: FAIL_DELAY 4 If the output does not match the expected result, this is a finding.
Fix Text
Open /etc/login.defs with a text editor. Add the following line after the last auth statement: FAIL_DELAY 4
Additional Identifiers
Rule ID: SV-239147r675249_rule
Vulnerability ID: V-239147
Group Title: SRG-OS-000480-GPOS-00226
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
CM-6 |
Configuration Settings |