Check: GEN000000-AIX00040
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN000000-AIX00040
(in versions v1 r14 through v1 r10)
Title
The securetcpip command must be used. (Cat II impact)
Discussion
The AIX securetcpip command disables insecure network utilities, such as rcp, rlogin, rlogind, rsh, rshd, tftp, tftpd, and trpt/d. These services increase the attack surface of the system.
Check Content
The securetcpip command is in /etc. If it is not there, this is a finding. Perform: more /etc/security/config If the stanza below is not there, this is a finding. tcpip: netrc = ftp, rexec The stanza indicates the securetcpip command, which disables all the unsafe tcpip commands, (e.g., rsh, rlogin, tftp) has been executed.
Fix Text
Ensure secure tcp/ip has been invoked before allowing operations on the system.
Additional Identifiers
Rule ID: SV-4284r2_rule
Vulnerability ID: V-4284
Group Title: GEN000000-AIX00040
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000032 |
The information system enforces information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows. |
Controls
Number | Title |
---|---|
AC-4 (8) |
Security Policy Filters |