STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 28 Sep 2018

The SLES for vRealize must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period.

DISA Rule

SV-99011r1_rule

Vulnerability Number

V-88361

Group Title

SRG-OS-000021-GPOS-00005

Rule Version

VROM-SL-000025

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

To configure the SLES for vRealize to enforce the limit of "3" consecutive invalid attempts using "pam_tally2.so", modify the content of the /etc/pam.d/common-auth-vmware.local by running the following command:

# sed -i "/^[^#]*pam_tally2.so/ c\auth required pam_tally2.so deny=3 onerr=fail even_deny_root unlock_time=86400 root_unlock_time=300" /etc/pam.d/common-auth-vmware.local

Check Contents

Run the following command to ensure that the SLES for vRealize enforces the limit of "3" consecutive invalid logon attempts by a user:

# grep pam_tally2.so /etc/pam.d/common-auth

The output should contain "deny=3" in the returned line.

If the output does not contain "deny=3", this is a finding.

Expected Result:
auth required pam_tally2.so deny=3 onerr=fail even_deny_root unlock_time=86400 root_unlock_time=300
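
An added example, not part of the STIG or of STIGQter: a stricter form of the grep check above. It skips commented-out lines and compares the deny value exactly, so a disabled line or "deny=30" does not pass. The function name check_pam_tally2 and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not part of the STIG): audit a PAM file for the lockout limit.
# Returns 0 when every active pam_tally2.so auth line sets deny=3, else 1.
check_pam_tally2() {
    file=$1
    [ -r "$file" ] || { echo "FINDING: cannot read $file"; return 1; }
    awk -v f="$file" '
        /^[ \t]*#/ { next }                    # commented-out lines do not count
        $1 == "auth" && /pam_tally2\.so/ {
            active++
            deny = "<unset>"
            for (i = 3; i <= NF; i++)          # options follow the module name
                if ($i ~ /^deny=/) deny = substr($i, 6)
            if (deny != "3") {                 # exact match: deny=30 is rejected
                bad++
                printf "FINDING: %s:%d deny=%s\n", f, NR, deny
            }
        }
        END {
            if (!active) {
                printf "FINDING: %s: no active pam_tally2.so auth line\n", f
                exit 1
            }
            exit (bad ? 1 : 0)
        }' "$file"
}

# Constructed sample files, so the example runs offline on any host.
run_demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' 'auth required pam_tally2.so deny=3 onerr=fail even_deny_root unlock_time=86400 root_unlock_time=300' > "$dir/good"
    printf '%s\n' '#auth required pam_tally2.so deny=3 onerr=fail' 'auth required pam_unix2.so' > "$dir/commented"
    printf '%s\n' 'auth required pam_tally2.so deny=5 onerr=fail' > "$dir/weak"
    for name in good commented weak; do
        if check_pam_tally2 "$dir/$name"; then echo "$name: compliant"; else echo "$name: finding"; fi
    done
    rm -rf "$dir"
}
run_demo
```

On a live system, call check_pam_tally2 with the PAM file to audit, for example /etc/pam.d/common-auth.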

Documentable

False

Check Content Reference

M

Target Key

3461
