Detections
Analytics
RHEL-10-600410 - RHEL 10 must automatically lock an account when three unsuccessful login attempts occur.
Information
By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005
Solution
Configure RHEL 10 to lock an account when three unsuccessful login attempts occur.Add/modify the "/etc/security/faillock.conf" file to match the following line:
deny = 3
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_10_V1R1_STIG.zip
Item Details
Audit Name: DISA Red Hat Enterprise Linux 10 STIG v1r1
Category: ACCESS CONTROL
References: 800-53|AC-7a., 800-53|AC-7b., CAT|II, CCI|CCI-000044, CCI|CCI-002238, Rule-ID|SV-281194r1166534_rule, STIG-ID|RHEL-10-600410, Vuln-ID|V-281194
Plugin: Unix
Control ID: 902266603454a8bede186fcd74d5f5f80e2adbe40ecf1d92573e7b2bb8cafb46