| GEN003060 - Default system accounts must be included in the cron.deny file - 'esaadmin' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'nuucp' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'snapp' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'sys' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'uucp' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003080 - Crontab files must have mode 0600 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003090 - Crontab files must not have extended ACLs. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003252 - The at.deny file must have mode 0640 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003280 - Access to the at utility must be controlled via the at.allow and/or at.deny file(s) - '/var/adm/cron/at.allow exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003300 - The at.deny file must not be empty if it exists | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'esaadmin' - at.deny | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'guest' - at.deny | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'ipsec' - at.allow | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'lpd' - at.allow | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'nuucp' - at.allow | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'sshd' - at.deny | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003410 - The at directory must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003440 - 'At' jobs must not set the umask to a value less restrictive than 077 - '/var/spool/cron/atjobs/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003606 - The system must prevent local applications from generating source-routed packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003612 - The system must be configured to use TCP syncookies when experiencing a TCP SYN flood. | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN003700 - Inetd and xinetd must be disabled or removed if no network services utilizing them are enabled | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN003700 - Inetd and xinetd must be disabled or removed if no network services utilizing them are enabled - inetd is running | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN003720 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be owned by root or bin - 'inetd.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003730 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be group-owned by bin, sys, or system - 'inetd.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003730 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be group-owned by bin, sys, or system - 'xinetd.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003865 - Network analysis tools must not be installed - 'tshark' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN003865 - Network analysis tools must not be installed - 'wireshark' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN003930 - The hosts.lpd (or equivalent) file must be group-owned by bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003950 - The hosts.lpd (or equivalent) file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004000 - The traceroute file must have mode 0700 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004010 - The traceroute file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004370 - The aliases file must be group-owned by sys, bin, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004380 - The alias file must have mode 0644 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004560 - The SMTP service's SMTP greeting must not provide version information. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN004710 - Mail relaying must be restricted. | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004920 - The ftpusers file must be owned by root. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005040 - All FTP users must have a default umask of 077. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005120 - The TFTP daemon must be configured to vendor specs including a home directory owned by the TFTP user - 'tftp user shell' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005340 - Management Information Base (MIB) files must have mode 0640 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005360 - The snmpd.conf file must be owned by root - '/etc/snmpdv3.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005365 - The snmpd.conf file must be group-owned by bin, sys, or system - '/etc/snmpd.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005460 - The system must only use remote syslog servers (log hosts) justified and documented using site-defined procedures. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005522 - The SSH public host key files must have mode 0644 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005536 - The SSH daemon must perform strict mode checking of home directory configuration files. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005537 - The SSH daemon must use privilege separation. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005540 - The SSH daemon must be configured for IP filtering - '/etc/hosts.allow' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005550 - The SSH daemon must be configured with the Department of Defense (DoD) logon banner - 'Banner file has been defined' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005560 - The system must be configured with a default gateway for IPv4 if the system uses IPv4, unless the system is a router. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005580 - A system used for routing must not run other network services or applications. | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN005740 - The NFS export configuration file must be owned by root. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
