[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253390

 
 

909

 
 

197257

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 30476 Download | Alert*

The permissions of the audit configuration files must be 0555 or less.

Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the end result is a password that is not changed as per policy requirements.

If SSHD is enabled then it _MUST_ be configured to wait only 30 seconds before timing out logon attempts. NOTE: /etc/ssh/sshd_config will be automatically modified to its original state following any update or major upgrade to the operating system. Fix: /usr/bin/sed -i.bak 's/.*LoginGraceTime.*/LoginGraceTime 30/' /etc/ssh/sshd_config; /bin/launchctl kickstart -k system/com.openssh.sshd

Without establishing what type of events occurred, when they occurred, and by whom it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. Audit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process identifiers, event descriptions, success/fail indicat ...

The group of the audit logs must be wheel.

If SSHD is enabled it _MUST_ be configured with an Active Client Alive Maximum Count set to zero. Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session or an incomplete login atte ...


Pages:      Start    3038    3039    3040    3041    3042    3043    3044    3045    3046    3047    ..   3047

© SecPod Technologies