Detections
Analytics
ALMA-09-007500 - AlmaLinux OS 9 must automatically lock an account when three unsuccessful logon attempts occur.
Warning! Audit Deprecated
This audit has been deprecated and will be removed in a future update.
View Next Audit VersionInformation
By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.Solution
Configure AlmaLinux OS 9 to lock an account when three unsuccessful logon attempts occur using pam_faillock.First, enable the feature using the following command:
$ authselect enable-feature with-faillock
Then, add or update the following line in the "/etc/security/faillock.conf" file:
deny = 3
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CL_AlmaLinux_OS_9_V1R2_STIG.zip
Item Details
Audit Name: DISA CloudLinux AlmaLinux OS 9 STIG v1r2
References: CAT|II, CCI|CCI-000044, Rule-ID|SV-269147r1050029_rule, STIG-ID|ALMA-09-007500, Vuln-ID|V-269147
Plugin: Unix
Control ID: 60b8f74b922d2f9e26a8e0e4e16244cddfb92146fe1779d1a2445083fd13d7ed