4.14 Configuration: /etc/motd

Information

Create a /etc/motd file which displays, post initial logon, a statutory warning message.

Rationale:

The creation of a /etc/motd file which contains a statutory warning message could aid in the prosecution of offenders guilty of unauthorized system access. The /etc/motd is displayed after successful logins from the console, SSH and other system access protocols.

Solution

Create a /etc/motd file:

touch /etc/motd
chmod u=rw,go=r /etc/motd
chown bin:bin /etc/motd

Below is a sample banner:

*************************************************************************** '
NOTICE TO USERS
This computer system is the private property of its owner, whether individual, corporate or government. It is for authorized use only. Users (authorized or unauthorized) have no explicit or implicit expectation of privacy. Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to your employer, to authorized site, government, and law enforcement personnel, as well as authorized officials of government agencies, both domestic and foreign. By using this system, the user consents to such interception, monitoring,recording, copying, auditing, inspection, and disclosure at the discretion of such personnel or officials. Unauthorized or improper use of this system may result in civil and criminal penalties and administrative or disciplinary action, as appropriate. By continuing to use this system you indicate your awareness of and consent to these terms and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the conditions stated in this warning.
****************************************************************************

NOTE: Replace 'its owner' with the relevant company name

Default Value:

N/A

See Also

https://workbench.cisecurity.org/benchmarks/13069

Item Details

Category: CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

References: 800-53|CM-2, 800-53|CM-6, 800-53|CM-7, 800-53|CM-7(1), 800-53|CM-9, 800-53|SA-3, 800-53|SA-8, 800-53|SA-10, CSCv7|5.1

Plugin: Unix

Control ID: 91952a14742fca38a7dacaf0e637577ce29abcda566eb7fc7757ab5b2e155aa7