CCI-001092 requires limiting the effects of a DoS attack. The reference rule provide some protection agains these type of attacks.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/system/accounts/pam.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/rhel6/src/input/system/accounts/pam.xml b/rhel6/src/input/system/accounts/pam.xml index 5fa2d32..2820b56 100644 --- a/rhel6/src/input/system/accounts/pam.xml +++ b/rhel6/src/input/system/accounts/pam.xml @@ -163,7 +163,7 @@ is different from account lockout, which is provided by the pam_faillock module. </rationale> <ident cce="15054-0" /> <oval id="accounts_password_pam_cracklib_retry" value="var_password_pam_cracklib_retry"/> -<ref nist="IA-5" /> +<ref nist="IA-5" disa="1092" /> </Rule> <Rule id="password_require_digits"> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
