Detections
Analytics
GEN008540 - The system's local firewall must implement a deny-all, allow-by-exception policy.
Information
A local firewall protects the system from exposing unnecessary or undocumented network services to the local enclave. If a system within the enclave is compromised, firewall protection on an individual system continues to protect it from attack.NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Configure the system's local firewall to implement a deny-all,allow-by-exception policy.
Firewall rules can be added and activated with SMIT ipsec4 or genfilt command.
#smitty ipsec4
See Also
http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip
Item Details
Audit Name: DISA AIX 5.3 STIG v1r2
Category: SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|SC-7(5), CAT|II, CCI|CCI-001109, Rule-ID|SV-38985r1_rule, STIG-ID|GEN008540, Vuln-ID|V-22583
Plugin: Unix
Control ID: 74e9da834bd2ca916951cc434dc47096875ad7a6eecb5a0e19163a5377422b78