Skip to content

The HYCU VM console must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must block any logon attempt for 15 minutes.

An XCCDF Rule

Description

<VulnDiscussion>By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-246826r768142_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Go to the "/etc/pam.d/" folder.

Move the current configuration and make new copies to be edited by executing the following commands:
sudo mv password-auth password-auth-as

sudo mv system-auth system-auth-as