Profile Applicability:
 • Level 1

Description:
 The Message of the Day (MOTD) is displayed to users upon login and typically contains system information or legal warnings. Proper configuration of MOTD helps communicate important notices, security warnings, or usage policies to users accessing the system.

Rationale:
 Configuring MOTD ensures users receive awareness messages that can deter unauthorized use and reinforce security policies.

Impact:
 Pros:

  • Provides legal notice and security warnings to users.

  • Enhances user awareness of acceptable use policies.

Cons:

  • Misconfiguration may cause information leakage or user confusion.

Default Value:
 Default MOTD content varies across distributions; it may not contain security or legal messages.

Pre-requisites:

  • Root or sudo privileges to modify MOTD configuration files.

Remediation:

Test Plan:

Using Linux command line:

1. Check current MOTD content:

cat /etc/motd

2. Verify presence of security notices or legal warnings.

Implementation Plan:

Using Linux command line:

  1. Edit /etc/motd or relevant MOTD configuration files to include:

    • Legal notices (e.g., unauthorized access warnings).

    • Security policy reminders.

  2. Save changes and test login to confirm MOTD displays properly.

Backout Plan:

Using Linux command line:

  1. Restore previous MOTD content from backup if necessary.

  2. Remove or adjust messages that cause confusion or expose sensitive information.

References:

  • CIS Amazon Linux 2 Benchmark v3.0.0

  • Linux PAM MOTD Documentation

  • Linux System Administration Guide - Login Messages