| GEN003020 - Cron must not execute programs in, or subordinate to, world-writable directories. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003040 - Crontabs must be owned by root or the crontab creator. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'daemon' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'pconsole' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003120 - Cron and crontab directories must be owned by root or bin. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003190 - The cron log files must not have extended ACLs. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003240 - The cron.allow file must be owned by root, bin, or sys. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003280 - Access to the at utility must be controlled via the at.allow and/or at.deny file(s) - '/var/adm/cron/at.allow exists' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'invscout' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'lp' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'shutdown' - at.allow | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'uucp' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003400 - The at directory must have mode 0755 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003410 - The at directory must not have an extended ACL. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003430 - The 'at' directory must be group-owned by system, bin, sys, or cron. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003440 - 'At' jobs must not set the umask to a value less restrictive than 077 - '/var/spool/atjobs/*' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003440 - 'At' jobs must not set the umask to a value less restrictive than 077. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN003480 - The at.deny file must be owned by root, bin, or sys. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003581 - Network interfaces must not be configured to allow user control. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN003720 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be owned by root or bin - 'inetd.conf' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003720 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be owned by root or bin - 'xinetd.conf' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003730 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be group-owned by bin, sys, or system - 'inetd.conf' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003730 - The xinetd.conf file, and the xinetd.d directory must be group-owned by root, bin, sys, or system - '/etc/xinetd.conf' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN003740 - The inetd.conf and xinetd.conf files must have mode 0440 or less permissive - 'inetd.conf' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003740 - The xinetd.conf files must have mode 0640 or less permissive - '/etc/xinetd.conf' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN003750 - The xinetd.d directory must have mode 0755 or less permissive. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN003760 - The services file must be owned by root or bin. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003790 - The services file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN003960 - The traceroute command owner must be root. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004000 - The traceroute file must have mode 0700 or less permissive. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004370 - The aliases file must be group-owned by root, sys, bin, or system - '/etc/postfix/aliases.db' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004380 - The alias file must have mode 0644 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004380 - The sendmail alias files must have mode 0644 or less permissive - '/etc/aliases.db' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004390 - The alias file must not have an extended ACL - '/etc/postfix/aliases.db' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004410 - Files executed through a mail aliases file must be group-owned by root, bin, sys, or other. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004900 - The ftpusers file must contain account names not allowed to use FTP. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005040 - All FTP gssftp users must have a default umask of 077 - '/etc/vsftpd/vsftpd.conf local_umask' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN005240 - The .Xauthority utility must only permit access to authorized hosts. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN005365 - The snmpd.conf file must be group-owned by root, bin, sys, or system. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN005390 - The /etc/rsyslog.conf file must have mode 0640 or less permissive. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN005521 - The SSH daemon must restrict login ability to specific users and/or groups. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN005740 - The NFS export configuration file must be owned by root. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN005810 - All NFS-exported system files and system directories must be group-owned by root, bin, sys, or system. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN006120 - The /etc/samba/smb.conf file must be group-owned by root, bin, sys, or system. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN006200 - The smbpasswd file must have mode 0600 or less permissive - '/etc/samba/secrets.tdb' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN006210 - The /etc/smbpasswd file must not have an extended ACL - '/etc/samba/passdb.tdb' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN006340 - Files in /etc/news must be owned by root or news. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN008080 - If using LDAP for authentication or account information, the /etc/ldap.conf (or equivalent) file must be owned by root. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN008340 - If using LDAP for auth or acct info, the LDAP TLS key must have mode 0600 or less permissive - '/etc/openldap/cacerts/key.pem' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN008360 - If using LDAP for auth or acct info, the LDAP TLS key file must not have an extended ACL - '/etc/openldap/cacerts/key.pem' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
