CIS IBM AIX 7.1 L1 v2.0.0

Audit Details

Name: CIS IBM AIX 7.1 L1 v2.0.0

Updated: 9/23/2022

Authority: CIS

Plugin: Unix

Revision: 1.0

Estimated Item Count: 170

File Details

Filename: CIS_AIX_7.1_Benchmark_v2.0.0_Level_1.audit

Size: 318 kB

MD5: 44b27676a881585b84cb9dde760e7c27
SHA256: a7ecd4c10e9af7a00aedb1130ac7da66146e59177d21ff3cea64c3d3992f2c5b

Audit Items

DescriptionCategories
3.1.1.1 All accounts must have a hashed password

IDENTIFICATION AND AUTHENTICATION

3.1.1.2 All user id's must be unique

ACCESS CONTROL

3.1.1.3 All group id's must be unique

ACCESS CONTROL

3.1.2.1 histexpire

IDENTIFICATION AND AUTHENTICATION

3.1.2.2 histsize

IDENTIFICATION AND AUTHENTICATION

3.1.2.3 loginretries

ACCESS CONTROL

3.1.2.4 maxage

IDENTIFICATION AND AUTHENTICATION

3.1.2.5 maxexpired

ACCESS CONTROL

3.1.2.6 maxrepeats

IDENTIFICATION AND AUTHENTICATION

3.1.2.7 minage

IDENTIFICATION AND AUTHENTICATION

3.1.2.8 minalpha

IDENTIFICATION AND AUTHENTICATION

3.1.2.9 mindiff

IDENTIFICATION AND AUTHENTICATION

3.1.2.10 mindigit

IDENTIFICATION AND AUTHENTICATION

3.1.2.11 minlen

IDENTIFICATION AND AUTHENTICATION

3.1.2.12 minloweralpha

IDENTIFICATION AND AUTHENTICATION

3.1.2.13 minother

IDENTIFICATION AND AUTHENTICATION

3.1.2.14 minspecialchar

IDENTIFICATION AND AUTHENTICATION

3.1.2.15 minupperalpha

IDENTIFICATION AND AUTHENTICATION

3.1.3.1 adm

IDENTIFICATION AND AUTHENTICATION

3.1.3.2 bin

IDENTIFICATION AND AUTHENTICATION

3.1.3.3 daemon

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

3.1.3.4 guest

IDENTIFICATION AND AUTHENTICATION

3.1.3.5 lpd

IDENTIFICATION AND AUTHENTICATION

3.1.3.6 nobody

IDENTIFICATION AND AUTHENTICATION

3.1.3.7 nuucp

IDENTIFICATION AND AUTHENTICATION

3.1.3.8 sys

IDENTIFICATION AND AUTHENTICATION

3.1.3.9 uucp

IDENTIFICATION AND AUTHENTICATION

3.1.3.10 Ensure System Accounts cannot access system using ftp.

IDENTIFICATION AND AUTHENTICATION

3.2.4 Adding authorized users in at.allow

ACCESS CONTROL

3.2.6 Adding authorised users in cron.allow

ACCESS CONTROL

3.3.1.1 Disable writesrv

CONFIGURATION MANAGEMENT

3.3.1.4 qdaemon

CONFIGURATION MANAGEMENT

3.3.1.6 cas_agent

CONFIGURATION MANAGEMENT

3.3.2.1 Disable ntalk/talk/write - inetd

CONFIGURATION MANAGEMENT

3.3.2.1 Disable ntalk/talk/write - writesrv

CONFIGURATION MANAGEMENT

3.3.2.9 inetd - aka Super Daemon

CONFIGURATION MANAGEMENT

3.3.2.18 timed

CONFIGURATION MANAGEMENT

3.3.4.1 bootps

CONFIGURATION MANAGEMENT

3.3.4.2 chargen

CONFIGURATION MANAGEMENT

3.3.4.3 comsat

CONFIGURATION MANAGEMENT

3.3.4.4 daytime

CONFIGURATION MANAGEMENT

3.3.4.5 discard

CONFIGURATION MANAGEMENT

3.3.4.6 echo

CONFIGURATION MANAGEMENT

3.3.4.7 exec

CONFIGURATION MANAGEMENT

3.3.4.8 finger

CONFIGURATION MANAGEMENT

3.3.4.9 ftp

CONFIGURATION MANAGEMENT

3.3.4.10 imap2

CONFIGURATION MANAGEMENT

3.3.4.11 instsrv

CONFIGURATION MANAGEMENT

3.3.4.12 klogin

CONFIGURATION MANAGEMENT

3.3.4.13 kshell

CONFIGURATION MANAGEMENT