STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must limit the number of concurrent sessions to ten for all accounts and/or account types.

DISA Rule

SV-99015r1_rule

Vulnerability Number

V-88365

Group Title

SRG-OS-000027-GPOS-00008

Rule Version

VROM-SL-000040

Severity

CAT III

CCI(s)

• CCI-000054 - The information system limits the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number of sessions.

Weight

10

Fix Recommendation

Configure the SLES for vRealize to limit the number of concurrent sessions to "10" for all accounts and/or account types by using the following command:

sed -i 's/\(^* *hard *maxlogins\).*/* hard maxlogins 10/g' /etc/security/limits.conf

Check Contents

Verify the SLES for vRealize limits the number of concurrent sessions to "10" for all accounts and/or account types with the following command:

# grep maxlogins /etc/security/limits.conf | grep -v '#'

The default maxlimits should be set to a max of "10" or a documented site defined number:

* hard maxlogins 10

If the default maxlimits is not set to "10" or the documented site defined number, this is a finding.

Vulnerability Number

V-88365

Documentable

False

Rule Version

VROM-SL-000040

Severity Override Guidance

Verify the SLES for vRealize limits the number of concurrent sessions to "10" for all accounts and/or account types with the following command:

# grep maxlogins /etc/security/limits.conf | grep -v '#'

The default maxlimits should be set to a max of "10" or a documented site defined number:

* hard maxlogins 10

If the default maxlimits is not set to "10" or the documented site defined number, this is a finding.

Check Content Reference

M

Target Key

3461

Comments