4.6.3 herald (logon message)

Information

This change adds a default herald to /etc/security/login.cfg.

Rationale:

This change puts into place a suggested login herald to replace the default entry. A herald should not provide any information about the operating system or version. Instead, it should detail a company standard acceptable use policy.

This suggestion for a herald should be tailored to reflect your corporate standard policy.

Solution

Add a default login herald to /etc/security/login.cfg:

chsec -f /etc/security/login.cfg -s default -a herald='Unauthorized use of this system is prohibited.\nlogin:'

Default Value:

N/A

See Also

https://workbench.cisecurity.org/benchmarks/13069

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-8

Plugin: Unix

Control ID: 913110278260b420877aaf5a25dc85cb3fe23745ecf6b7aab1a4d205b6a4caa3