Check: ITCP0025
zOS RACF STIG:
ITCP0025
(in versions v6 r43 through v6 r30)
Title
The hosts identified by the NSINTERADDR statement must be properly protected. (Cat II impact)
Discussion
If the hosts identified by NSINTERADDR statement are not properly protected they can be stolen, damaged, or disturbed. Without adequate physical security, unauthorized users can access the host and the hosts' components. Therefore, they can interfere with the normal operations of the host. Improper control of hosts and the hosts' components could compromise network operations.
Check Content
Refer to the Data configuration file specified on the SYSTCPD DD statement in the TCPIP started task JCL. Gather the following information for any NSINTERADDR statement coded in the TCP/IP Data configuration file: Identify the physical location of the host running a DNS server (i.e., on-site or off-site at organization, city, state). Obtain the description of the physical security controls used to limit access to the area where the host is located. Automated Analysis requires Additional Analysis. Refer to the following report produced by the IBM Communications Server Data Collection: - PDI(ITCP0025) Verify that if the NSINTERADDR statements are not specified in the TCP/IP Data configuration file, this is not applicable. Verify that the NSITERADDR statements specified in the TCP/IP Data configuration file. If the following guidance is true, this is not a finding. ___ The NSINTERADDR statements refer to hosts connected directly to networks within the physical premises of the host site. ___ The NSINTERADDR statements refer to hosts that are located in areas with physical access limited to authorized personnel.
Fix Text
The IAO will ensure that the hosts and the hosts components identified in the NSINTERADDR statement are protected. The IAO, with assistance from the system programmer, will ensure that any NSINTERADDR statements coded in the TCPIP.DATA file refer to hosts connected directly to networks within the physical premises of the host site and located in areas with physical access limited to authorized personnel.
Additional Identifiers
Rule ID: SV-5627r4_rule
Vulnerability ID: V-5627
Group Title: ITCP0025
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
| CCI-000919 |
The organization enforces physical access authorizations at organization-defined entry/exit points to the facility where the information system resides. |