PHTN-67-000002 - The Photon operating system must automatically lock an account when three unsuccessful logon attempts occur.

Information

By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.

Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128

Solution

Open /etc/pam.d/system-auth with a text editor.

Add the following line after the last auth statement:

auth required pam_tally2.so file=/var/log/tallylog deny=3 onerr=fail even_deny_root unlock_time=86400 root_unlock_time=300

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_Y23M07_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-7a., 800-53|AC-7b., CAT|II, CCI|CCI-000044, CCI|CCI-002238, Rule-ID|SV-239074r856034_rule, STIG-ID|PHTN-67-000002, Vuln-ID|V-239074

Plugin: Unix

Control ID: fd08832dc3ed6586f44a81ba7e689b6b6c19cb267365fa1941df329251f6c00a