Detections
Analytics
GEN006230 - Samba must be configured to use encrypted passwords.
Information
Samba must be configured to protect authenticators. If Samba passwords are not encrypted for storage, plain-text user passwords may be read by those with access to the Samba password file.Solution
Edit the smb.conf file and change the encrypt passwords setting to yes.# vi /usr/lib/smb.conf
See Also
http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip
Item Details
Audit Name: DISA AIX 5.3 STIG v1r2
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5(1), CAT|II, CCI|CCI-000366, Rule-ID|SV-39241r1_rule, STIG-ID|GEN006230, Vuln-ID|V-22500
Plugin: Unix
Control ID: d8bae63496debc29de148e25196451361059a5ded89bc528f6b101088ea50355