| GEN001475 - The /etc/group file must not contain any group password hashes. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001480 - All users' home directories must have mode 0750 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001540 - All files and directories contained in interactive user's home directories must be owned by the home directory's owner. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001550 - All files and directories in user's home directories must be group-owned by a group the home directory's owner is a member. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001590 - All run control scripts must have no extended ACLs - '/etc/init.d' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001590 - All run control scripts must have no extended ACLs - '/etc/rc*' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001720 - All global initialization files must have mode 0644 or less permissive - '/etc/.login' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001720 - All global initialization files must have mode 0644 or less permissive - '/etc/csh.cshrc' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001720 - All global initialization files must have mode 0644 or less permissive - '/etc/csh.login' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/security/environ' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001740 - All global initialization files must be owned by root - '/etc/csh.cshrc' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001740 - All global initialization files must be owned by root - '/etc/csh.login' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001740 - All global initialization files must be owned by root - '/etc/profile' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001740 - All global initialization files must be owned by root - '/etc/security/environ' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001760 - All global initialization files must be group-owned by sys, bin, system, or security - '/etc/csh.cshrc' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001830 - All skeleton files (typically in /etc/skel) must be group-owned by security - '/etc/security/mkuser.sys' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.bash_profile' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.dispatch' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001880 - All local initialization files must have mode 0740 or less permissive - '~/.bash_profile' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001880 - All local initialization files must have mode 0740 or less permissive - '~/.dispatch' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.bash_profile' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.profile' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002200 - All shell files must be owned by root or bin. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002280 - Device files and directories must only be writable by users with a system account or as configured by the vendor. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002300 - Device files used for backup must only be readable and/or writable by root or the backup user - '/dev/rmt*' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002320 - Audio devices must have mode 0660 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002330 - Audio devices must not have extended ACLs. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002360 - Audio devices must be group-owned by root, sys, bin, or system. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002960 - Access to the cron utility must be controlled using the cron.allow and/or cron.deny file(s) - '/var/adm/cron/cron.allow' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003000 - Cron must not execute group-writable or world-writable programs. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'invscout' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'lp' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'nuucp' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'uucp' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/var/spool/cron' - acls disabled | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003250 - The cron.allow file must be group-owned by system, bin, sys, or cron. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003280 - Access to the at utility must be controlled via the at.allow and/or at.deny file(s) - '/var/adm/cron/at.deny exists' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003300 - The at.deny file must not be empty if it exists | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'nobody' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'sshd' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003340 - The at.allow file must have mode 0600 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003460 - The at.allow file must be owned by root, bin, or sys. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003520 - The kernel core dump data directory must be owned by root. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003523 - The kernel core dump data directory must not have an extended ACL. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003730 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be group-owned by bin, sys, or system - 'xinetd.d' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004010 - The traceroute file must not have an extended ACL. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004420 - Files executed through a mail aliases file must have mode 0755 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005190 - The .Xauthority files must not have extended ACLs. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005200 - X displays must not be exported to the world. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005320 - The snmpd.conf file must have mode 0600 or less permissive - '/etc/snmpdv3.conf' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
