Rule ID
SV-268301r1195282_rule
Version
V1R2
CCIs
Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free up resources committed by the managed network element.
Log in to the HYCU VM console. For console connections, check for the value of the "TMOUT" option in "/home/hycu/.bashrc" with the following command: grep TMOUT /home/hycu/.bashrc If the "TMOUT" value is not set to "300" or less, this is a finding. For SSH connections, check for the value of the "ClientAliveInterval" option in "/etc/ssh/sshd_config" with the following command: grep ClientAliveInterval /etc/ssh/sshd_config If the "ClientAliveInterval" value is not set to "300" or less, this is a finding. For UI connections, run the following command to check configured HYCU session timeout: cat /opt/grizzly/config.properties | grep api.session.expiration.minutes If not configured at "5" or less, this is a finding.
Configure the operating system to enforce timeout settings. Add the following line to "/home/hycu/.bashrc" (or modify the line to have the required value): TMOUT=300 Add the following line to "/etc/ssh/sshd_config" (or modify the line to have the required value): ClientAliveInterval 300 Edit the "/opt/grizzly/config.properties" file by running the command: sudo vi /opt/grizzly/config.properties Add the following line or modify the line to have the required value: api.session.expiration.minutes=5 Save the file by typing: :wq!