Check: AIX7-00-003061
IBM AIX 7.x STIG:
AIX7-00-003061
(in versions v3 r1 through v1 r1)
Title
The aixmibd daemon must be disabled on AIX. (Cat II impact)
Discussion
The aixmibd daemon is a dpi2 sub-agent which manages a number of MIB variables. To prevent attacks this daemon should not be enabled unless there is no alternative.
Check Content
From the command prompt, execute the following command: # grep "^start[[:blank:]]/usr/sbin/aixmibd" /etc/rc.tcpip If there is any output from the command, this is a finding.
Fix Text
In "/etc/rc.tcpip", comment out the "aixmibd" entry by running command: # chrctcp -d aixmibd
Additional Identifiers
Rule ID: SV-215366r958478_rule
Vulnerability ID: V-215366
Group Title: SRG-OS-000095-GPOS-00049
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-000381 |
Configure the system to provide only organization-defined mission essential capabilities. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
CM-7 |
Least Functionality |