STIGQter STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 1 Release: 26 Benchmark Date: 24 Jan 2020: The system must not have unnecessary accounts.

DISA Rule

SV-4269r3_rule

Vulnerability Number

V-4269

Group Title

GEN000290

Rule Version

GEN000290

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Remove all unnecessary accounts, such as games, from the /etc/passwd file before connecting a system to the network. Other accounts, such as news and gopher, associated with a service not in use should also be removed.

Check Contents

Check the system for unnecessary user accounts.

Procedure:
# more /etc/passwd

Some examples of unnecessary accounts include games, news, gopher, ftp, and lp.

If an unnecessary account is found and its use is not justified and documented with the ISSO, this is a finding.

Vulnerability Number

V-4269

Documentable

False

Rule Version

GEN000290

Severity Override Guidance

Check the system for unnecessary user accounts.

Procedure:
# more /etc/passwd

Some examples of unnecessary accounts include games, news, gopher, ftp, and lp.

If an unnecessary account is found and its use is not justified and documented with the ISSO, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

25

Comments