STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must initiate a session lock after a 15-minute period of inactivity for all connection types.

DISA Rule

SV-99017r1_rule

Vulnerability Number

V-88367

Group Title

SRG-OS-000029-GPOS-00010

Rule Version

VROM-SL-000050

Severity

CAT II

CCI(s)

• CCI-000057 - The information system initiates a session lock after the organization-defined time period of inactivity.

Weight

10

Fix Recommendation

Ensure the file exists and is owned by root. If the files does not exist, use the following commands to create the file:

# touch /etc/profile.d/tmout.sh
# chown root:root /etc/profile.d/tmout.sh
# chmod 644 /etc/profile.d/tmout.sh

Edit the file "/etc/profile.d/tmout.sh", and add the following lines:

TMOUT=900
readonly TMOUT
export TMOUT
mesg n 2>/dev/null

Check Contents

Check for the existence of the /etc/profile.d/tmout.sh file:

# ls -al /etc/profile.d/tmout.sh

Check for the presence of the "TMOUT" variable:

# grep TMOUT /etc/profile.d/tmout.sh

The value of "TMOUT" should be set to 900 seconds (15 minutes).

If the file does not exist, or the "TMOUT" variable is not set, this is a finding.

Vulnerability Number

V-88367

Documentable

False

Rule Version

VROM-SL-000050

Severity Override Guidance

Check for the existence of the /etc/profile.d/tmout.sh file:

# ls -al /etc/profile.d/tmout.sh

Check for the presence of the "TMOUT" variable:

# grep TMOUT /etc/profile.d/tmout.sh

The value of "TMOUT" should be set to 900 seconds (15 minutes).

If the file does not exist, or the "TMOUT" variable is not set, this is a finding.

Check Content Reference

M

Target Key

3461

Comments