The IBM z/VM JOURNALING statement must be properly configured.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-237944 | IBMZ-VM-001020 | SV-237944r859014_rule | CCI-002268 | medium |
| Description | ||||
| By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. Limits are imposed by locking the account. | ||||
| STIG | Date | |||
| IBM zVM Using CA VM:Secure Security Technical Implementation Guide | 2022-08-31 | |||
Details
Check Text (C-237944r859014_chk)
View system config "JOURNALING" statement.
If the "JOURNALING" statement "LOGON" operand is configured as below, this is not a finding.
Logon,
Account after 3 attempts,
See IBMZ-VM-000040 for LOCKOUT setting.
Link,
Account after 3 attempts,
Disable after 3 attempts
Fix Text (F-41113r859013_fix)
Configure the system config "JOURNALING" statement to include the following:
Logon,
Account after 3 attempts,
See IBMZ-VM-000040 for LOCKOUT setting.
Link,
Account after 3 attempts,
Disable after 3 attempts