Check: GEN001000
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN001000
(in versions v1 r14 through v1 r10)
Title
Remote consoles must be disabled or protected from unauthorized access. (Cat II impact)
Discussion
The remote console feature provides an additional means of access to the system which could allow unauthorized access if not disabled or properly secured. With virtualization technologies, remote console access is essential as there is no physical console for virtual machines. Remote console access must be protected in the same manner as any other remote privileged access method.
Check Content
Check /etc/security/login.cfg # more /etc/security/login.cfg If an alternate console is defined, this is a finding.
Fix Text
Edit /etc/security/login.cfg and remove the alternate console definition.
Additional Identifiers
Rule ID: SV-27149r1_rule
Vulnerability ID: V-4298
Group Title: GEN001000
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000070 |
The organization authorizes the execution of privileged commands via remote access only for organization-defined needs. |
Controls
Number | Title |
---|---|
AC-17 (4) |
Privileged Commands / Access |