| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/security/.login' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.dispatch' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.env' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.login' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001880 - All local initialization files must have mode 0740 or less permissive - '~/.env' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.bash_logout' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.emacs' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.env' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.login' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001901 - Local initialization files' library search paths must contain only absolute paths - 'LD_LIBRARY_PATH' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002020 - All .rhosts, .shosts, or host.equiv files must only contain trusted host-user pairs. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002060 - All .rhosts, .shosts, .netrc, or hosts.equiv files must be accessible by only root or the owner - '~/shosts.equiv' - user | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002210 - All shell files must be group-owned by root, bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002280 - Device files and directories must only be writable by users with a system account or as configured by the vendor. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002330 - Audio devices must not have extended ACLs. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002420 - Removable media, remote file systems and any file system not containing approved setuid files must be mounted with nosuid. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002480 - Public directories must be the only world-writable directories and world-writable files must be located only in public dirs | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002520 - All public directories must be owned by root or an application account. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002710 - All system audit files must not have extended ACLs. | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002740 - The audit system must be configured to audit file deletions - '/etc/security/audit/events FILE_Unlink exists' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002740 - The audit system must be configured to audit file deletions - 'User audit class assignments should be reviewed' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002800 - System must be configured to audit login, logout, and session initiation - '/etc/security/audit/config INIT_End exists' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002800 - System must be configured to audit login, logout, and session initiation - 'User audit class assignments should be reviewed' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002825 - System must be configured to audit load/unload dynamic kernel modules - '/etc/security/audit/events DEV_Remove exists' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN003020 - Cron must not execute programs in, or subordinate to, world-writable directories. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003050 - Crontab files must be group-owned by system, cron, or the crontab creator's primary group. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'bin' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'guest' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'lpd' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003100 - Cron and crontab directories must have mode 0755 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/var/spool/cron' - acls disabled | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/var/spool/cron/crontabs/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003120 - Cron and crontab directories must be owned by root or bin. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003160 - Cron logging must be implemented. | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN003210 - The cron.deny file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003280 - Access to the at utility must be controlled via the at.allow and/or at.deny file(s) - '/var/adm/cron/at.deny exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'guest' - at.allow | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'lp' - at.allow | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'lp' - at.deny | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'sys' - at.deny | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003420 - The at directory must be owned by root, bin, sys, daemon, or cron. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003430 - The 'at' directory must be group-owned by system, bin, sys, or cron. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003440 - 'At' jobs must not set the umask to a value less restrictive than 077 - '/var/spool/atjobs/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003460 - The at.allow file must be owned by root, bin, or sys. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003490 - The at.deny file must be group-owned by system, bin, sys, or cron. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003603 - The system must not respond to ICMPv4 echoes sent to a broadcast address. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003605 - The system must not apply reversed source routing to TCP responses. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003607 - The system must not accept source-routed IPv4 packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003660 - The system must log authentication informational data - 'auth.notice' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN003720 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be owned by root or bin - 'xinetd.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
