Check: GEN005260
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN005260
(in versions v1 r14 through v1 r10)
Title
X Window System connections not required must be disabled. (Cat II impact)
Discussion
If unauthorized clients are permitted access to the X server, the user's X session may be compromised.
Check Content
Determine if the X Window system is running. Procedure: # ps -ef |grep X Ask the SA if the X Window system is an operational requirement. If it is not, this is a finding.
Fix Text
Disable the X Windows server on the system. Comment out /etc/rc.dt out of /etc/inittab
Additional Identifiers
Rule ID: SV-38954r1_rule
Vulnerability ID: V-12018
Group Title: GEN005260
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-001436 |
The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |