Item Search

Name	Audit Name	Plugin	Category
GEN003060 - Default system accounts must be included in the cron.allow file - 'sys'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003060 - Default system accounts must be included in the cron.deny file - 'invscout'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003060 - Default system accounts must be included in the cron.deny file - 'pconsole'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003190 - The cron log files must not have extended ACLs.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003200 - The cron.deny file must have mode 0640 or less permissive.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003250 - The cron.allow file must be group-owned by system, bin, sys, or cron.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003255 - The at.deny file must not have an extended ACL.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003260 - The cron.deny file must be owned by root, bin, or sys.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003270 - The cron.deny file must be group-owned by system, bin, sys, or cron.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'daemon' - at.allow	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'nobody' - at.allow	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'nobody' - at.deny	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'nuucp' - at.deny	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'pconsole' - at.allow	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'snapp' - at.allow	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003400 - The at directory must have mode 0755 or less permissive.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003470 - The at.allow file must be group-owned by system, bin, sys, or cron.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003480 - The at.deny file must be owned by root, bin, or sys.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003510 - Kernel core dumps must be disabled unless needed - 'primary dump device'	DISA STIG AIX 5.3 v1r2	Unix	CONFIGURATION MANAGEMENT
GEN003540 - The system must implement non-executable program stacks.	DISA STIG AIX 5.3 v1r2	Unix	CONFIGURATION MANAGEMENT
GEN003601 - TCP backlog queue sizes must be set appropriately.	DISA STIG AIX 5.3 v1r2	Unix	CONFIGURATION MANAGEMENT
GEN003610 - The system must not send IPv4 ICMP redirects.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003660 - The system must log authentication informational data - 'auth.info'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN003730 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be group-owned by bin, sys, or system - 'xinetd.d'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003745 - The inetd.conf and xinetd.conf files must not have extended ACLs - 'inetd.conf'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003745 - The inetd.conf and xinetd.conf files must not have extended ACLs - 'xinetd.conf'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN003865 - Network analysis tools must not be installed - 'netcat'	DISA STIG AIX 5.3 v1r2	Unix	CONFIGURATION MANAGEMENT
GEN003865 - Network analysis tools must not be installed - 'snoop'	DISA STIG AIX 5.3 v1r2	Unix	CONFIGURATION MANAGEMENT
GEN003960 - The traceroute command owner must be root.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN004390 - The alias file must not have an extended ACL.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN004420 - Files executed through a mail aliases file must have mode 0755 or less permissive.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN004430 - Files executed through a mail aliases file must not have extended ACLs.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN004460 - The system syslog service must log informational and more severe SMTP service messages.	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN004820 - Anonymous FTP must not be active on the system unless authorized.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN004880 - The ftpusers file must exist.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN004900 - The ftpusers file must contain account names not allowed to use FTP.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN004950 - The ftpusers file must not have an extended ACL.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN005120 - The TFTP daemon must be configured to vendor specs including a home directory owned by the TFTP user	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN005240 - The .Xauthority utility must only permit access to authorized hosts.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN005375 - The snmpd.conf file must not have an extended ACL - '/etc/snmpd.conf'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN005380 - If the system is a Network Management System (NMS) server, it must only run the NMS and any software required by the NMS.	DISA STIG AIX 5.3 v1r2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
GEN005480 - The syslog daemon must not accept remote messages unless it is a syslog server documented using site-defined procedures.	DISA STIG AIX 5.3 v1r2	Unix	CONFIGURATION MANAGEMENT
GEN005750 - The NFS export configuration file must be group-owned by root, bin, sys, or system.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN005880 - The NFS server must not allow remote root access.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN006140 - The /usr/lib/smb.conf file must have mode 0644 or less permissive.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN006210 - The /var/private/smbpasswd file must not have an extended ACL.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN006620 - The system's access control program must be configured to grant or deny system access to specific hosts - 'hosts.deny ALL:ALL'	DISA STIG AIX 5.3 v1r2	Unix	CONFIGURATION MANAGEMENT
GEN006640 - The system must use and update a DoD-approved virus scan program - 'clean.dat' - update date	DISA STIG AIX 5.3 v1r2	Unix	SYSTEM AND INFORMATION INTEGRITY
GEN006640 - The system must use and update a DoD-approved virus scan program - 'names.dat'	DISA STIG AIX 5.3 v1r2	Unix	SYSTEM AND INFORMATION INTEGRITY
GEN007760 - Proxy Neighbor Discovery Protocol (NDP) must not be enabled on the system.	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL

Detections

Analytics

Item Search