CIS IBM AIX 7.1 L1 v2.1.0

Audit Details

Name: CIS IBM AIX 7.1 L1 v2.1.0

Updated: 2/7/2024

Authority: CIS

Plugin: Unix

Revision: 1.3

Estimated Item Count: 170

File Details

Filename: CIS_AIX_7.1_Benchmark_v2.1.0_Level_1.audit

Size: 333 kB

MD5: 977838d6277d2f246f2f4ba9b6620672

SHA256: b6f8937fd3a513d830ff7eac9269caf45669e5956934878b6a07261c9bc941de

Audit Items

Description	Categories
2.2 Verify world writable directories provide unlink() protection	ACCESS CONTROL, MEDIA PROTECTION
2.3 Ensure default user umask is 027 or more restrictive	ACCESS CONTROL, MEDIA PROTECTION
2.4 Ensure there are no 'other' writable objects	ACCESS CONTROL, MEDIA PROTECTION
2.5 Ensure all files and directories are owned by a user (uid) and assigned to a group (gid) - gid	ACCESS CONTROL, MEDIA PROTECTION
3.1.1.1 Disable writesrv	CONFIGURATION MANAGEMENT
3.1.1.4 qdaemon	CONFIGURATION MANAGEMENT
3.1.1.6 cas_agent	CONFIGURATION MANAGEMENT
3.1.2.1 Disable ntalk/talk/write - inetd	CONFIGURATION MANAGEMENT
3.1.2.1 Disable ntalk/talk/write - writesrv	CONFIGURATION MANAGEMENT
3.1.2.9 inetd - aka Super Daemon - aka Super Daemon	CONFIGURATION MANAGEMENT
3.1.2.18 timed	CONFIGURATION MANAGEMENT
3.1.4.2 NFS - enable both nosuid and nodev options on NFS client mounts - nodev	ACCESS CONTROL, MEDIA PROTECTION
3.1.4.2 NFS - enable both nosuid and nodev options on NFS client mounts - nosuid	ACCESS CONTROL, MEDIA PROTECTION
3.1.4.3 NFS - localhost removal - localhost removal	CONFIGURATION MANAGEMENT
3.1.4.5 NFS - no root access via NFS exports	CONFIGURATION MANAGEMENT
3.1.5.1 bootps	CONFIGURATION MANAGEMENT
3.1.5.2 chargen	CONFIGURATION MANAGEMENT
3.1.5.3 comsat	CONFIGURATION MANAGEMENT
3.1.5.4 daytime	CONFIGURATION MANAGEMENT
3.1.5.5 discard	CONFIGURATION MANAGEMENT
3.1.5.6 echo	CONFIGURATION MANAGEMENT
3.1.5.7 exec	CONFIGURATION MANAGEMENT
3.1.5.8 finger	CONFIGURATION MANAGEMENT
3.1.5.9 ftp	CONFIGURATION MANAGEMENT
3.1.5.10 imap2	CONFIGURATION MANAGEMENT
3.1.5.11 instsrv	CONFIGURATION MANAGEMENT
3.1.5.12 klogin	CONFIGURATION MANAGEMENT
3.1.5.13 kshell	CONFIGURATION MANAGEMENT
3.1.5.14 login	CONFIGURATION MANAGEMENT
3.1.5.15 netstat	CONFIGURATION MANAGEMENT
3.1.5.16 ntalk	CONFIGURATION MANAGEMENT
3.1.5.17 pcnfsd	CONFIGURATION MANAGEMENT
3.1.5.18 pop3	CONFIGURATION MANAGEMENT
3.1.5.19 rexd	CONFIGURATION MANAGEMENT
3.1.5.20 rquotad	CONFIGURATION MANAGEMENT
3.1.5.21 rstatd	CONFIGURATION MANAGEMENT
3.1.5.22 rusersd	CONFIGURATION MANAGEMENT
3.1.5.23 rwalld	CONFIGURATION MANAGEMENT
3.1.5.24 shell	CONFIGURATION MANAGEMENT
3.1.5.25 sprayd	CONFIGURATION MANAGEMENT
3.1.5.26 xmquery	CONFIGURATION MANAGEMENT
3.1.5.27 talk	CONFIGURATION MANAGEMENT
3.1.5.28 telnet	CONFIGURATION MANAGEMENT
3.1.5.29 tftp	CONFIGURATION MANAGEMENT
3.1.5.30 time	CONFIGURATION MANAGEMENT
3.1.5.31 uucp	CONFIGURATION MANAGEMENT
3.2.5 CDE - sgid/suid binary lockdown - /usr/dt/bin/dtaction	ACCESS CONTROL, MEDIA PROTECTION
3.2.5 CDE - sgid/suid binary lockdown - /usr/dt/bin/dtappgather	ACCESS CONTROL, MEDIA PROTECTION
3.2.5 CDE - sgid/suid binary lockdown - /usr/dt/bin/dtprintinfo	ACCESS CONTROL, MEDIA PROTECTION
3.2.5 CDE - sgid/suid binary lockdown - /usr/dt/bin/dtsession	ACCESS CONTROL, MEDIA PROTECTION

Detections

Analytics

CIS IBM AIX 7.1 L1 v2.1.0

Audit Details

File Details

Audit Items