Check: GEN000000-AIX00060
AIX 5.3 STIG:
GEN000000-AIX00060
(in version v1 r3)
Title
A baseline of AIX files with the TCB bit set must be checked weekly. (Cat II impact)
Discussion
If a baseline of files with the TCB bit set is not kept and checked weekly, the system could be compromised without the knowledge of any authority.
Check Content
Perform the following command with no parameters to ensure the system is in trusted mode. # /bin/tcbck If TCB is not installed, the output will show an error code of 3001-101 and/or a text message indicating TCB is not installed. If the output from the command indicates it is not in trusted mode, this is not reviewed. Otherwise, check the root crontab to verify tcbck is executed weekly. If it is not in the crontab, ask the SA if the check is run manually and to see the results of the check.
Fix Text
Add tcbck command as a weekly cronjob with the output sent to the SA.
Additional Identifiers
Rule ID: SV-4287r2_rule
Vulnerability ID: V-4287
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001298 |
The organization reassesses the integrity of software and information by performing, on an organization-defined frequency, integrity scans of the information system. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |