Skill323 repo starsupdated today

cis-aws-compute-5.2

This skill provides guidance for manually auditing and changing default administrator credentials in applications deployed on AWS Lightsail instances. Use this control to verify that application default login names and passwords have been changed from factory settings, reducing the risk of unauthorized access through publicly known default credentials.

View source Repository: CyberStrike

Install in Claude Code

Copy

git clone --depth 1 https://github.com/CyberStrikeus/CyberStrike /tmp/cis-aws-compute-5.2 && cp -r /tmp/cis-aws-compute-5.2/.cyberstrike/skill/CIS_benchmarks/Cloud_Providers/AWS/CIS_AWS_Compute_Services_Benchmark_v1.1.0/cis-aws-compute-5.2 ~/.claude/skills/cis-aws-compute-5.2

Then start a new Claude Code session; the skill loads automatically.

Definition

SKILL.md

# 5.2 Change default Administrator login names and passwords for applications (Manual)

## Description

Change the default settings for the administrator login names and passwords of the application software that you install on Lightsail instances.

## Rationale

Default administrator login names and passwords for applications used on Lightsail instances can be used by hackers and individuals to break into your servers.

## Impact

N/A

## Audit Procedure

### Using AWS Console

To confirm that you have updated or changed the default administrator name and password for any application you are using is a manual process. Often dependent on the application itself and the operating system you are utilizing for the Lightsail instance.

1. Login to AWS Console using https://console.aws.amazon.com
2. Click `All services`, click `Lightsail` under Compute.
3. This will open up the Lightsail console.
4. Select the `Instance` you want to review.
5. Make sure the instance status is `running`.
6. Connect to the `instance`.
7. Depending on the instance OS and the application you are running determine what the default administrator name is set to and what the password is.
8. If the `default administrator` username and or password is still at the default settings please refer to the remediation below.
9. Repeat steps no. 4 - 8 to verify if any Lightsail instances require application updates.

### Using AWS CLI

N/A - This is a manual process dependent on the application and OS.

## Expected Result

All applications running on Lightsail instances should have their default administrator login names and passwords changed from the defaults.

## Remediation

### Using AWS Console

1. Login to AWS Console using https://console.aws.amazon.com
2. Click `All services`, click `Lightsail` under Compute.
3. This will open up the Lightsail console.
4. Select the `Instance` you want to update the `default administrator` settings.
5. Make sure the instance status is `running`.
6. Click on `Snapshots`
7. Under `Manual snapshots` click on `+ Create snapshot`
8. Give it a name you will recognize
9. Click on `create`

While in process it will show Snapshotting...

10. Once the date and time and snapshot name appears it is completed.
11. Click on `Connect`
12. Run the process to change either the `default administrator` name or password or both.
13. Repeat steps no. 4 - 12 to apply any application `default administrator` changes required on the Lightsail instances that you are running.

### Using AWS CLI

N/A - This is a manual process dependent on the application and OS.

## Default Value

Applications are installed with default administrator credentials.

## References

1. https://lightsail.aws.amazon.com/ls/docs/en_us/all

## CIS Controls

| Controls Version | Control | IG 1 | IG 2 | IG 3 |
| ---------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ---- | ---- | ---- |
| v7 | 4.2 Change Default Passwords - Before deploying any new asset, change all default passwords to have values consistent with administrative level accounts. | x | x | x |

## Profile

Level 1 | Manual