Detections
Analytics

800-53|IA-5(7)

Title

NO EMBEDDED UNENCRYPTED STATIC AUTHENTICATORS

Description

The organization ensures that unencrypted static authenticators are not embedded in applications or access scripts or stored on function keys.

Supplemental

Organizations exercise caution in determining whether embedded or stored authenticators are in encrypted or unencrypted form. If authenticators are used in the manner stored, then those representations are considered unencrypted authenticators. This is irrespective of whether that representation is perhaps an encrypted version of something else (e.g., a password).

Reference Item Details

Category: IDENTIFICATION AND AUTHENTICATION

Parent Title: AUTHENTICATOR MANAGEMENT

Family: IDENTIFICATION AND AUTHENTICATION

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.5.1 - Removal of .rhosts and .netrc files - .netrcUnixCIS AIX 5.3/6.1 L2 v1.1.0
1.8.9 Remove user .netrc, .rhosts and .shosts files '.netrc'UnixCIS HP-UX 11i v1.5
4.4.4 Removal of .rhosts and .netrc filesUnixCIS IBM AIX 7.2 L2 v1.1.0
4.12 ProcessModelWindowsCIS IIS 6.0 v1.0.0
6.2.9 Ensure no users have .netrc filesUnixCIS Ubuntu Linux 20.04 LTS Workstation L1 v1.0.0
6.2.9 Ensure no users have .netrc filesUnixCIS Ubuntu Linux 20.04 LTS Server L1 v1.0.0
6.2.10 Ensure no users have .netrc filesUnixCIS SUSE Linux Enterprise 15 Workstation L1 v1.0.0
6.2.10 Ensure no users have .netrc filesUnixCIS SUSE Linux Enterprise 15 Server L1 v1.0.0
6.2.12 Ensure no users have .netrc filesUnixCIS SUSE Linux Enterprise Server 12 L1 v2.1.0
6.2.12 Ensure no users have .netrc filesUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
6.2.12 Ensure no users have .netrc filesUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1
6.2.12 Ensure no users have .netrc filesUnixCIS Red Hat 6 Workstation L1 v2.1.0
6.2.12 Ensure no users have .netrc filesUnixCIS Debian 8 Server L1 v2.0.1
6.2.12 Ensure no users have .netrc filesUnixCIS Ubuntu Linux 16.04 LTS Server L1 v1.1.0
6.2.12 Ensure no users have .netrc filesUnixCIS CentOS 6 Workstation L1 v2.1.0
6.2.12 Ensure no users have .netrc filesUnixCIS Amazon Linux 2 v1.0.0 L1
6.2.12 Ensure no users have .netrc filesUnixCIS Oracle Linux 6 Server L1 v1.1.0
6.2.12 Ensure no users have .netrc filesUnixCIS Red Hat 6 Server L1 v2.1.0
6.2.12 Ensure no users have .netrc filesUnixCIS SUSE Linux Enterprise Workstation 12 L1 v2.1.0
6.2.12 Ensure no users have .netrc filesUnixCIS CentOS 6 Server L1 v2.1.0
6.2.12 Ensure no users have .netrc filesUnixCIS Oracle Linux 6 Workstation L1 v1.1.0
6.2.12 Ensure no users have .netrc filesUnixCIS Ubuntu Linux 16.04 LTS Workstation L1 v1.1.0
6.2.12 Ensure no users have .netrc filesUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1
6.2.12 Ensure no users have .netrc filesUnixCIS Amazon Linux v2.1.0 L1
6.2.12 Ensure no users have .netrc filesUnixCIS Debian 8 Workstation L1 v2.0.1
6.2.12 Ensure no users have .netrc filesUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
8.10 Remove User .netrc Files, should fail if .netrc file exists in a home directory.UnixCIS Solaris 9 v1.3
9.2.20 Check for Presence of User .netrc FilesUnixCIS Red Hat Enterprise Linux 5 L1 v2.2
9.19 Check for Presence of User .netrc FilesUnixCIS Solaris 11.2 L1 v1.1.0
9.20 Check for Presence of User .netrc FilesUnixCIS Solaris 11 L1 v1.1.0
9.20 Check for Presence of User .netrc FilesUnixCIS Solaris 11.1 L1 v1.0.0
9.20 Check for presence of user .netrc files - Checks for the presence of .netrc files in home directories.UnixCIS Solaris 10 L1 v5.2
13.18 Check for Presence of User .netrc FilesUnixCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
13.18 Check for Presence of User .netrc FilesUnixCIS Debian Linux 7 L1 v1.0.0
GEN002000 - There must be no .netrc files on the system.UnixDISA STIG Solaris 10 SPARC v2r1
GEN002000 - There must be no .netrc files on the system.UnixDISA STIG Solaris 10 X86 v2r1
GEN002000 - There must be no .netrc files on the system.UnixDISA STIG Solaris 10 X86 v2r2
GEN002000 - There must be no .netrc files on the system.UnixDISA STIG Solaris 10 SPARC v2r2
PCI 2.2.4 - Verify that common security parameter settings are included - Home directory configuration - '.netrc does not exist'UnixPCI DSS 2.0/3.0 - AIX
PCI 2.2.4 Verify common security parameter settings - .netrc file should not exist in home directoriesUnixPCI DSS 2.0/3.0 - Red Hat Linux
SOL-11.1-070160 - User .netrc files must not exist.UnixDISA STIG Solaris 11 SPARC v2r2
SOL-11.1-070160 - User .netrc files must not exist.UnixDISA STIG Solaris 11 X86 v2r4
SOL-11.1-070160 - User .netrc files must not exist.UnixDISA STIG Solaris 11 SPARC v2r4