STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The system must not have unnecessary accounts.

DISA Rule

SV-63195r2_rule

Vulnerability Number

V-4269

Group Title

GEN000290

Rule Version

GEN000290

Severity

CAT II

CCI(s)

CCI-000012 - The organization reviews information system accounts for compliance with account management requirements per organization-defined frequency.

Weight

Fix Recommendation

Remove all unnecessary accounts from the /etc/passwd file before connecting a system to the network. Other accounts that are associated with a service not in use should also be removed.

Check Contents

Check the system for unnecessary user accounts.

Procedure:

# more /etc/passwd

Obtain a list of authorized accounts from the IAO. If any unnecessary accounts are found on the system, this is a finding.

Vulnerability Number

V-4269

Documentable

False

Rule Version

GEN000290

Severity Override Guidance

Check Content Reference

Responsibility

System Administrator

Target Key

2207

STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The system must not have unnecessary accounts.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments