For interactive sessions, IDMS must limit the number of concurrent sessions for the same user to one or allow unlimited sessions.

An XCCDF Rule

Description

<VulnDiscussion>Multiple interactive sessions can provide a way to cause a DoS attack against IDMS if a user ID and password were compromised. Not allowing multiple sign-ons can mitigate the risk of malicious attacks using multiple sessions for a user.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-251582r960735_rule
Severity: Medium
References: CCI-000054
Updated: 17 days ago

Use TASK SYSGEN if online, or program RHDCSGEN if batch.

Sign on to the dictionary where the system definition is maintained: "SIGNON DICTIONARY SYSTEM.", for example.

Enter: "MODIFY SYSTEM 123 MULTIPLE SIGNON IS NO." where 123 is the number of the system being modified.
Enter: "VALIDATE."

Enter: "GENERATE."

The change will become effective the next time the CV is stopped and started.

For interactive sessions, IDMS must limit the number of concurrent sessions for the same user to one or allow unlimited sessions.

Description

Remediation - Manual Procedure