DISA_STIG_AIX_5.3_v1r2.audit for AIX 5.3 SECURITY TECHNICAL IMPLEMENTATION GUIDE v1r2 | |
GEN000000-AIX00020 - AIX Trusted Computing Base (TCB) software must be implemented. | ACCESS CONTROL, SYSTEM AND SERVICES ACQUISITION |
GEN000000-AIX00040 - The securetcpip command must be used | ACCESS CONTROL |
GEN000000-AIX00060 - A baseline of AIX files with the TCB bit set must be checked weekly. | SYSTEM AND INFORMATION INTEGRITY |
GEN000000-AIX00080 - The SYSTEM attribute must not be set to NONE for any account. | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
GEN000000-AIX0085 - The /etc/netsvc.conf file must be root owned. | ACCESS CONTROL |
GEN000000-AIX0090 - The /etc/netsvc.conf file must be group-owned by bin, sys, or system. | ACCESS CONTROL |
GEN000000-AIX0100 - The /etc/netsvc.conf file must have mode 0644 or less permissive. | ACCESS CONTROL |
GEN000000-AIX0110 - The /etc/netsvc.conf file must not have an extended ACL. | ACCESS CONTROL |
GEN000000-AIX0200 - The system must not allow directed broadcasts to gateway. | ACCESS CONTROL |
GEN000000-AIX0210 - The system must provide protection from Internet Control Message Protocol (ICMP) attacks on TCP connections. | ACCESS CONTROL |
GEN000000-AIX0220 - The system must provide protection for the TCP stack against connection resets, SYN, and data injection attacks. | ACCESS CONTROL |
GEN000000-AIX0230 - The system must provide protection against IP fragmentation attacks. | ACCESS CONTROL |
GEN000000-AIX0300 - The system must not have the bootp service active. | ACCESS CONTROL |
GEN000000-AIX0310 - The /etc/ftpaccess.ctl file must exist. | ACCESS CONTROL |
GEN000000-AIX0320 - The /etc/ftpaccess.ctl file must be owned by root. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN000000-AIX0330 - The /etc/ftpaccess.ctl file must be group-owned by bin, sys, or system. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN000000-AIX0340 - The /etc/ftpaccess.ctl file must have mode 0640 or less permissive. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN000000-AIX0350 - The /etc/ftpaccess.ctl file must not have an extended ACL. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN000020 - The system must require authentication upon booting into single-user and maintenance modes. | ACCESS CONTROL |
GEN000100 - The operating system must be a supported release. | SYSTEM AND INFORMATION INTEGRITY |
GEN000120 - System security patches and updates must be installed and up-to-date. | SYSTEM AND INFORMATION INTEGRITY |
GEN000140 - A file integrity baseline must be created and maintained. | CONFIGURATION MANAGEMENT |
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes. | RISK ASSESSMENT |
GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'NTP daemon is running' | AUDIT AND ACCOUNTABILITY |
GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'NTP daemon is started at boot' | AUDIT AND ACCOUNTABILITY |
GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'NTP daemon uses approved sources' | AUDIT AND ACCOUNTABILITY |
GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'xntpd is started at boot time' | AUDIT AND ACCOUNTABILITY |
GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'xntpd|ntpd is running' | AUDIT AND ACCOUNTABILITY |
GEN000241 - The system clock must be synchronized continuously, or at least daily - 'NTP daemon is running' | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
GEN000241 - The system clock must be synchronized continuously, or at least daily - 'NTP daemon is started at boot' | CONFIGURATION MANAGEMENT |
GEN000242 - The system must use at least two time sources for clock synchronization - 'at least 2 servers are configured' | AUDIT AND ACCOUNTABILITY |
GEN000242 - The system must use at least two time sources for clock synchronization - 'NTP daemon is running' | AUDIT AND ACCOUNTABILITY |
GEN000242 - The system must use at least two time sources for clock synchronization - 'NTP daemon is started at boot' | AUDIT AND ACCOUNTABILITY |
GEN000244 - The system must use time sources local to the enclave. | AUDIT AND ACCOUNTABILITY |
GEN000250 - The time synchronization configuration file (such as /etc/ntp.conf) must be owned by root. | ACCESS CONTROL |
GEN000251 - The time synchronization configuration file (such as /etc/ntp.conf) must be group-owned by bin, sys, or system. | ACCESS CONTROL |
GEN000252 - The time synchronization configuration file (such as /etc/ntp.conf) must have mode 0640 or less permissive. | ACCESS CONTROL |
GEN000253 - The time synchronization configuration file (such as /etc/ntp.conf) must not have an extended ACL. | ACCESS CONTROL |
GEN000280 - Direct logins must not be permitted to shared, default, application, or utility accounts - '/etc/security/user rlogin=false' | IDENTIFICATION AND AUTHENTICATION |
GEN000280 - Direct logins must not be permitted to shared, default, application, or utility accounts - 'results of last should be reviewed' | IDENTIFICATION AND AUTHENTICATION |
GEN000290 - The system must not have unnecessary accounts - 'ftp does not exsit' | ACCESS CONTROL |
GEN000290 - The system must not have unnecessary accounts - 'games does not exsit' | ACCESS CONTROL |
GEN000290 - The system must not have unnecessary accounts - 'gopher does not exsit' | ACCESS CONTROL |
GEN000290 - The system must not have unnecessary accounts - 'guest does not exsit' | ACCESS CONTROL |
GEN000290 - The system must not have unnecessary accounts - 'lp does not exsit' | ACCESS CONTROL |
GEN000290 - The system must not have unnecessary accounts - 'news does not exsit' | ACCESS CONTROL |
GEN000290 - The system must not have unnecessary accounts - 'uucp does not exsit' | ACCESS CONTROL |
GEN000300 - All accounts on the system must have unique user or account names. | IDENTIFICATION AND AUTHENTICATION |
GEN000320 - All accounts must be assigned unique User Identification Numbers (UIDs). | IDENTIFICATION AND AUTHENTICATION |