Profile Applicability:
• Level 1
Description:
A local login warning banner displays legal notices or security warnings to users attempting to access the system locally. Proper configuration ensures users are informed of authorized use policies before login, which can serve as a deterrent to unauthorized access.
Rationale:
Configuring a clear and legally compliant login warning banner helps protect the organization by notifying users of monitoring, acceptable use, and consequences of unauthorized access.
Impact:
Pros:
Provides legal notice to users at login.
Enhances security awareness and policy enforcement.
Cons:
Misconfiguration may cause user confusion or login issues.
Default Value:
Local login banners may be absent or contain generic messages by default.
Pre-requisites:
Root or sudo privileges to modify banner configuration files.
Remediation:
Test Plan:
Using Linux command line:
Verify banner content in files such as:
/etc/issue (for local terminal login) /etc/issue.net (for remote login) cat /etc/issue
- Confirm the banner contains appropriate warning text.
Implementation Plan:
Using Linux command line:
Edit /etc/issue to include a clear legal warning or security notice.
Save changes and test local login to confirm banner displays before prompt.
Backout Plan:
Using Linux command line:
Restore previous banner content if necessary.
Remove or modify banners causing login disruptions.
References:
CIS Amazon Linux 2 Benchmark v3.0.0
Linux PAM and Login Banners