Detections
Analytics
GEN000000-HPUX0210 - The system must disable accounts after three consecutive unsuccessful SSH login attempts
Warning! Audit Deprecated
This audit has been deprecated and will be removed in a future update.
View Next Audit VersionInformation
Disabling accounts after a limited number of unsuccessful SSH login attempts improves protection against password guessing attacks.Solution
If the system is operating in Trusted Mode, no fix is required.For SMSE only:
Edit the /opt/ssh/etc/sshd_config file and add/uncomment/update the 'UsePAM' attribute. See the below example:
UsePAM yes
Save any change(s) before exiting the editor.
See Also
https://iasecontent.disa.mil/stigs/zip/U_HPUX_11-31_V1R19_STIG.zip
Item Details
Audit Name: DISA STIG HP-UX 11.31 v1r19
Category: ACCESS CONTROL
References: 800-53|AC-7, CAT|II, CCI|CCI-000366, CSCv6|16.7, Rule-ID|SV-52335r1_rule, STIG-ID|GEN000000-HPUX0210, Vuln-ID|V-40355
Plugin: Unix
Control ID: 7da872996faa367396b14d7e9722a6e94a2d0afb92cd29cab381d2d9146ef507