Check: PHTN-67-000004
VMware vSphere 6.7 Photon OS STIG:
PHTN-67-000004
(in versions v1 r6 through v1 r1)
Title
The Photon operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. (Cat II impact)
Discussion
Operating system management includes the ability to control the number of users and user sessions that utilize an operating system. Limiting the number of allowed users and sessions per user is helpful in reducing the risks related to denial-of-service attacks.
Check Content
At the command line, execute the following command: # grep "^[^#].*maxlogins.*" /etc/security/limits.conf Expected result: * hard maxlogins 10 If the output does not match the expected result, this is a finding. Note: The expected result may be repeated multiple times.
Fix Text
At the command line, execute the following command: # echo '* hard maxlogins 10' >> /etc/security/limits.conf
Additional Identifiers
Rule ID: SV-239076r877399_rule
Vulnerability ID: V-239076
Group Title: SRG-OS-000027-GPOS-00008
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000054 |
The information system limits the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number of sessions. |
Controls
Number | Title |
---|---|
AC-10 |
Concurrent Session Control |