Profile Applicability:
 • Level 1

Description:
 The /etc/issue.net file contains the pre-login banner message displayed for remote login sessions, such as SSH. Proper access control of this file prevents unauthorized modifications or disclosures that could aid attackers.

Rationale:
 Restricting access to /etc/issue.net helps maintain the integrity and confidentiality of remote login warning messages, supporting security and compliance requirements.

Impact:
 Pros:

  • Protects the remote login banner from unauthorized changes.

  • Prevents leakage of sensitive system information.

 Cons:

  • Overly restrictive permissions may prevent legitimate viewing.

Default Value:
 By default, /etc/issue.net is usually world-readable and owned by root.

Pre-requisites:

  • Root or sudo privileges to modify file ownership and permissions.

Remediation:

Test Plan:

Using Linux command line:

1. Check current ownership and permissions:

ls -l /etc/issue.net

2. Confirm file is owned by root and has permissions typically set to 644.

Implementation Plan:

Using Linux command line:

1. Set ownership to root:

chown root:root /etc/issue.net

2. Set permissions to restrict access:

chmod 644 /etc/issue.net

Backout Plan:

Using Linux command line:

  1. Restore previous ownership and permissions if necessary.

  2. Notify users if permission changes affect usage.
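
The test, implementation and backout steps above can be combined into one script that records the previous ownership and mode before changing them, so the backout has something concrete to restore. This is an added example, not part of the benchmark text. It assumes GNU stat and treats any mode no more permissive than 644 as passing; the function names and the state-file path are hypothetical.

```shell
#!/bin/sh
# Added example (not part of the benchmark text). Assumes GNU stat (coreutils).
# Function names and the state-file path are hypothetical.

# Print "uid gid mode" (numeric owner, numeric group, octal mode) for a file.
banner_state() {
    stat -c '%u %g %a' "$1"
}

# Audit: return 0 if the file is owned by want_uid:want_gid (default 0:0,
# i.e. root:root) and its mode grants nothing beyond 644. Assumption: a
# stricter mode such as 600 also passes. Returns 2 if stat fails.
banner_compliant() {
    file=$1; want_uid=${2:-0}; want_gid=${3:-0}
    state=$(banner_state "$file") || return 2
    set -- $state                      # $1=uid $2=gid $3=mode
    [ "$1" = "$want_uid" ] || return 1
    [ "$2" = "$want_gid" ] || return 1
    # 07133 = every permission bit that 0644 does not contain.
    [ $(( 0$3 & 07133 )) -eq 0 ]
}

# Implementation: record the current state in $2, then apply owner and 644.
# The owner argument defaults to root:root; it is overridable only so the
# function can be exercised on a scratch file without root.
banner_remediate() {
    file=$1; statefile=$2; owner=${3:-root:root}
    banner_state "$file" > "$statefile" || return 1
    chown "$owner" "$file" && chmod 644 "$file"
}

# Backout: restore the uid, gid and mode recorded by banner_remediate.
banner_backout() {
    file=$1; statefile=$2
    read -r uid gid mode < "$statefile" || return 1
    chown "$uid:$gid" "$file" && chmod "$mode" "$file"
}

# Typical use as root:
#   banner_compliant /etc/issue.net ||
#       banner_remediate /etc/issue.net /root/issue.net.state
#   banner_backout /etc/issue.net /root/issue.net.state   # only if needed
```
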

References:

  • CIS Amazon Linux 2 Benchmark v3.0.0

  • Linux man page: issue.net