The LockOutRealm must be configured with a login failure count of 3.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-224783	SRG-APP-000065	ISEC-06-550305	SV-224783r1013861_rule	2024-08-20	3

Description
LockOutRealm prevents brute force attacks against user passwords. Removal of unneeded or nonsecure functions, ports, protocols, and services mitigate the risk of unauthorized connection of devices, unauthorized transfer of information, or other exploitation of these resources. Access to LockOutRealm must be configured to control login attempts by local accounts. The organization must perform a periodic scan/review of the application (as required by CCI-000384) and disable functions, ports, protocols, and services deemed to be unneeded or nonsecure.

Description

LockOutRealm prevents brute force attacks against user passwords. Removal of unneeded or nonsecure functions, ports, protocols, and services mitigate the risk of unauthorized connection of devices, unauthorized transfer of information, or other exploitation of these resources. Access to LockOutRealm must be configured to control login attempts by local accounts. The organization must perform a periodic scan/review of the application (as required by CCI-000384) and disable functions, ports, protocols, and services deemed to be unneeded or nonsecure.

ℹ️ Check
Verify the failureCount parameter is set to 3 in the LockOutRealm configuration. Log in to the ISEC7 SPHERE server. Navigate to <Drive>:\Program Files\Isec7 SPHERE\Tomcat\Config. Open the server.xml file with Notepad. Select Edit >> Find and search for LockOutRealm. Verify the failureCount parameter is set to 3 in the following file: <Realm className="org.apache.catalina.realm.LockOutRealm" failureCount="3" lockOutTime="900" > If the failureCount parameter is not set to 3 in the LockOutRealm configuration, this is a finding.

ℹ️ Check

Verify the failureCount parameter is set to 3 in the LockOutRealm configuration. Log in to the ISEC7 SPHERE server. Navigate to <Drive>:\Program Files\Isec7 SPHERE\Tomcat\Config. Open the server.xml file with Notepad. Select Edit >> Find and search for LockOutRealm. Verify the failureCount parameter is set to 3 in the following file: <Realm className="org.apache.catalina.realm.LockOutRealm" failureCount="3" lockOutTime="900" > If the failureCount parameter is not set to 3 in the LockOutRealm configuration, this is a finding.

✔️ Fix
Add failureCount parameter to the LockOutRealm configuration: Log in to the ISEC7 SPHERE server. Navigate to <Drive>:\Program Files\Isec7 SPHERE\Tomcat\Config. Open the server.xml file with Notepad. Select Edit >> Find and search for LockOutRealm. Add the following line is in the server.xml file: <Realm className="org.apache.catalina.realm.LockOutRealm" failureCount="3" lockOutTime="900" > Restart the ISEC7 SPHERE Web service in the services.msc.

✔️ Fix

Add failureCount parameter to the LockOutRealm configuration: Log in to the ISEC7 SPHERE server. Navigate to <Drive>:\Program Files\Isec7 SPHERE\Tomcat\Config. Open the server.xml file with Notepad. Select Edit >> Find and search for LockOutRealm. Add the following line is in the server.xml file: <Realm className="org.apache.catalina.realm.LockOutRealm" failureCount="3" lockOutTime="900" > Restart the ISEC7 SPHERE Web service in the services.msc.