Detections
Analytics
1.8.2 Ensure 'SSH session timeout' is less than or equal to '5' minutes
Information
Sets the idle timeout for an SSH session before the security appliance terminates it.Rationale:
Limiting session timeout prevents unauthorized users from using abandoned sessions to perform malicious activities.
Solution
* Step 1: Run the following to set the SSH timeout to 5 minutesHOSTNAME(CONFIG)# SSH TIMEOUT_ 5_
See Also
https://benchmarks.cisecurity.org/tools2/cisco/CIS_Cisco_Firewall_Benchmark_v4.0.0.pdf
Item Details
Audit Name: CIS Cisco Firewall ASA 9 L1 v4.0.0
Category: ACCESS CONTROL
References: 800-53|AC-12, CSCv6|16.4
Plugin: Cisco
Control ID: a1dfe9e075225d10b802336847f43b802e88b316332c387d4bce482beff28fd7