Check: PHTN-67-000077
VMware vSphere 6.7 Photon OS STIG:
PHTN-67-000077
(in versions v1 r6 through v1 r1)
Title
The Photon operating system must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. (Cat II impact)
Discussion
Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.
Check Content
At the command line, execute the following command:

    # grep pam_faildelay /etc/pam.d/system-auth|grep --color=always "delay="

Expected result:

    auth optional pam_faildelay.so delay=4000000

If the output does not match the expected result, this is a finding.
Fix Text
Open /etc/pam.d/system-auth with a text editor. Remove any existing "pam_faildelay" line and add the following line at the end of the file:

    auth optional pam_faildelay.so delay=4000000
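An added example (not part of the STIG text): a shell function that applies the check above to a PAM file, ignoring commented-out lines and whitespace differences and reporting duplicate or mismatched pam_faildelay lines as a finding. The function names and the whitespace normalization are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit a PAM file for the PHTN-67-000077 pam_faildelay line.
# Function names are hypothetical; the expected line is the one in the check.
EXPECTED='auth optional pam_faildelay.so delay=4000000'

# Print the active pam_faildelay lines of file $1: comments stripped,
# runs of spaces/tabs collapsed, leading and trailing blanks removed.
faildelay_lines() {
    sed -e 's/#.*$//' \
        -e 's/[[:space:]][[:space:]]*/ /g' \
        -e 's/^ //' -e 's/ $//' "$1" |
        grep 'pam_faildelay' || true
}

# Return 0 when the file holds exactly the expected line, 1 for a finding.
check_faildelay() {
    file=${1:-/etc/pam.d/system-auth}
    if [ ! -r "$file" ]; then
        echo "FINDING: cannot read $file"
        return 1
    fi
    lines=$(faildelay_lines "$file")
    if [ "$lines" = "$EXPECTED" ]; then
        echo "OK: $file contains: $EXPECTED"
        return 0
    fi
    echo "FINDING: $file does not match the expected result"
    if [ -n "$lines" ]; then
        # Show what was found (wrong delay, wrong control flag, duplicates).
        echo "$lines" | sed 's/^/  found: /'
    else
        echo "  no active pam_faildelay line"
    fi
    return 1
}
```

Called with no argument, `check_faildelay` audits /etc/pam.d/system-auth; the exit status is 0 when the file is compliant and 1 for a finding.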
Additional Identifiers
Rule ID: SV-239148r675252_rule
Vulnerability ID: V-239148
Group Title: SRG-OS-000480-GPOS-00226
CCIs
Number | Definition |
---|---|
CCI-000366 | The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 | Configuration Settings |