STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide

V-239649

CAT II (Medium)

The SLES for vRealize must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt.

Rule ID

SV-239649r662398_rule

STIG

VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide

Version

V2R2

CCIs

CCI-000366

Discussion

Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.

Check Content

Verify SLES for vRealize enforces a delay of at least "4" seconds between logon prompts following a failed logon attempt.

Verify the use of the "pam_faildelay" module.

Procedure:

# grep pam_faildelay /etc/pam.d/common-auth*

The typical configuration looks something like this:

#delay is in micro seconds
auth    required    pam_faildelay.so    delay=4000000

If the line is not present, this is a finding.

Fix Text

Configure SLES for vRealize to enforce a delay of at least "4" seconds between logon prompts following a failed logon attempt with the following command:

# sed -i "/^[^#]*pam_faildelay.so/ c\auth required pam_faildelay.so delay=4000000" /etc/pam.d/common-auth-vmware.local