GEN000000-HPUX0460 - The system must display the date and time of the last successful account login upon login by means other than SSH

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Providing users with feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use.

Solution

For Trusted Mode:
Use the SAM/SMH interface to ensure the attributes are added to all user /tcb profiles.

For SMSE:
Note: There may be additional package/bundle updates that must be installed to support attributes in the /etc/default/security file.

Use the SAM/SMH interface (/etc/default/security file) and/or the userdbset command (/var/adm/userdb/* files) to update attribute. See the below example:
DISPLAY_LAST_LOGIN=1

Note: Never use a text editor to modify any /var/adm/userdb database file. The database contains checksums and other binary data, and editors (vi included) do not follow the file locking conventions that are used to control access to the database.

If manually editing the /etc/default/security file, save any change(s) before exiting the editor.

See Also

https://iasecontent.disa.mil/stigs/zip/U_HPUX_11-31_V1R19_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-9, CAT|II, CCI|CCI-000366, Rule-ID|SV-52482r3_rule, STIG-ID|GEN000000-HPUX0460, Vuln-ID|V-40493

Plugin: Unix

Control ID: c2eb49e4991d840f7c58e3dd63c93302a856fae7434341273708d4dad57b7d6d