The Photon operating system must persist lockouts between system reboots.

An XCCDF Rule

Details
Profiles

Description

By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. By default, account lockout information is stored under /var/run/faillock and is not persistent between reboots.

ID: SV-258862r1003649_rule
Version: PHTN-40-000196
Severity: Medium
References: CCI-000044
Updated: about 2 months ago

Remediation Templates

Navigate to and open:

/etc/security/faillock.conf

Add or update the following lines:
dir = /var/log/faillock

Note: On vCenter appliances, the equivalent file must be edited under "/etc/applmgmt/appliance", if one exists, for the changes to persist after a reboot.

The Photon operating system must persist lockouts between system reboots.

Description

Remediation Templates

A Manual Procedure