DoD STIG - Display last login info

by Doug Fish on April 09, 2016

Display the following information immediately at logon:

Unsuccessful Logon
Date
Time
IP Address

Successful Logon
Date
Time
IP Address

  • Group ID (Vulid):  V-16817
    Group Title:  APP3660
    Rule ID:  SV-17817r1_rule
    Severity: CAT III
    Rule Version (STIG-ID):  APP3660
    Rule Title: The designer will ensure the application has a capability to notify the user of important login information.


    Vulnerability Discussion:  Attempted logons must be controlled to prevent password guessing exploits and unauthorized access attempts.

    Responsibility:  System Administrator
    IAControls:  ECLO-2

    Check Content: 
    Policy:

    The designer will ensure the application has a capability to notify the user on logon of date and time of the user's last unsuccessful logon, IP address of the user’s last unsuccessful logon, date and time of the user's last successful logon, IP address of the user’s last successful logon, and number of unsuccessful logon attempts since the last successful logon.

    Check:
    If the application uses password authentication, try to logon to the system using an incorrect password.

    Restart the application and logon again using the correct password. After a successful logon to the application, logout of the application and note the date and times for the last success and unsuccessful logons. Again, logon to the application and determine whether the application correctly displays the following information immediately at logon:

    Unsuccessful Logon
    Date
    Time
    IP Address

    Successful Logon
    Date
    Time
    IP Address

    If the application does not correctly display the last unsuccessful and successful logon information immediately at login, it is a finding.

    For CAC and NSA approved token authentication logons, remove the CAC or mistype the PIN to simulate an unsuccessful login.


    Fix Text: Display last login information.
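
The bookkeeping behind the APP3660 notice, as an added Python example (not from the STIG or from the product this idea was filed against): it records each attempt and, on a successful logon, returns the previous success, the last failure and the failure count before resetting the counter. `LogonTracker`, `LogonHistory` and `format_notice` are hypothetical names, the store is in-memory, and the sample events use constructed documentation-range IP addresses.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, Optional, Tuple

Event = Tuple[datetime, str]  # (UTC timestamp, source IP address)

@dataclass
class LogonHistory:  # hypothetical per-account record
    last_success: Optional[Event] = None
    last_failure: Optional[Event] = None
    failures_since_success: int = 0

class LogonTracker:
    """In-memory store (assumption); a real application persists this per account."""
    def __init__(self) -> None:
        self._history: Dict[str, LogonHistory] = {}

    def record_failure(self, user: str, when: datetime, ip: str) -> None:
        h = self._history.setdefault(user, LogonHistory())
        h.last_failure = (when, ip)
        h.failures_since_success += 1

    def record_success(self, user: str, when: datetime, ip: str) -> dict:
        """Return the notice for this logon, then roll the history forward."""
        h = self._history.setdefault(user, LogonHistory())
        # Snapshot first: the notice describes the PREVIOUS successful logon.
        notice = {"last_success": h.last_success, "last_failure": h.last_failure,
                  "failures_since_success": h.failures_since_success}
        h.last_success = (when, ip)
        h.failures_since_success = 0  # the counter restarts at each success
        return notice

def format_notice(notice: dict) -> str:
    def line(label: str, event: Optional[Event]) -> str:
        if event is None:
            return f"{label}: none recorded"
        when, ip = event
        return f"{label}: {when:%Y-%m-%d} {when:%H:%M:%S} UTC from {ip}"
    return "\n".join([
        line("Last unsuccessful logon", notice["last_failure"]),
        line("Last successful logon", notice["last_success"]),
        f"Unsuccessful attempts since last successful logon: {notice['failures_since_success']}",
    ])

if __name__ == "__main__":  # constructed sample events, documentation-range IPs
    t, day = LogonTracker(), lambda h: datetime(2016, 4, 9, h, 0, tzinfo=timezone.utc)
    t.record_success("alice", day(8), "192.0.2.10")
    t.record_failure("alice", day(9), "203.0.113.5")
    print(format_notice(t.record_success("alice", day(10), "192.0.2.10")))
```

Taking the snapshot before the update is what makes the check procedure above pass: the second correct logon shows the first one's date, time and IP address rather than its own.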


  • Commented by David J. Easter, June 04, 2018:

    This idea has not received many votes in 24 months since its submission. It has been closed (declined) due to insufficient support.
