CIS IBM AIX 7.1 L1 v2.1.0

Audit Details

Name: CIS IBM AIX 7.1 L1 v2.1.0

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.4

Estimated Item Count: 170

File Details

Filename: CIS_AIX_7.1_Benchmark_v2.1.0_Level_1.audit

Size: 333 kB

MD5: be89260c6e3de1cfd78f9984ba3d77d7

SHA256: a30559cbef99f6b3bcdba44f3ecd665a30c6ce6e9ae98ba05a45c2b619f981a9

Audit Items

Description	Categories
2.2 Verify world writable directories provide unlink() protection	ACCESS CONTROL, MEDIA PROTECTION
2.3 Ensure default user umask is 027 or more restrictive	ACCESS CONTROL, MEDIA PROTECTION
2.4 Ensure there are no 'other' writable objects	ACCESS CONTROL, MEDIA PROTECTION
2.5 Ensure all files and directories are owned by a user (uid) and assigned to a group (gid) - gid	ACCESS CONTROL, MEDIA PROTECTION
3.1.1.1 Disable writesrv	CONFIGURATION MANAGEMENT
3.1.1.4 qdaemon	CONFIGURATION MANAGEMENT
3.1.1.6 cas_agent	CONFIGURATION MANAGEMENT
3.1.2.1 Disable ntalk/talk/write - inetd	CONFIGURATION MANAGEMENT
3.1.2.1 Disable ntalk/talk/write - writesrv	CONFIGURATION MANAGEMENT
3.1.2.9 inetd - aka Super Daemon - aka Super Daemon	CONFIGURATION MANAGEMENT
3.1.2.18 timed	CONFIGURATION MANAGEMENT
3.1.4.2 NFS - enable both nosuid and nodev options on NFS client mounts - nodev	ACCESS CONTROL, MEDIA PROTECTION
3.1.4.2 NFS - enable both nosuid and nodev options on NFS client mounts - nosuid	ACCESS CONTROL, MEDIA PROTECTION
3.1.4.3 NFS - localhost removal - localhost removal	CONFIGURATION MANAGEMENT
3.1.4.5 NFS - no root access via NFS exports	CONFIGURATION MANAGEMENT
3.1.5.1 bootps	CONFIGURATION MANAGEMENT
3.1.5.2 chargen	CONFIGURATION MANAGEMENT
3.1.5.3 comsat	CONFIGURATION MANAGEMENT
3.1.5.4 daytime	CONFIGURATION MANAGEMENT
3.1.5.5 discard	CONFIGURATION MANAGEMENT
3.1.5.6 echo	CONFIGURATION MANAGEMENT
3.1.5.7 exec	CONFIGURATION MANAGEMENT
3.1.5.8 finger	CONFIGURATION MANAGEMENT
3.1.5.9 ftp	CONFIGURATION MANAGEMENT
3.1.5.10 imap2	CONFIGURATION MANAGEMENT
3.1.5.11 instsrv	CONFIGURATION MANAGEMENT
3.1.5.12 klogin	CONFIGURATION MANAGEMENT
3.1.5.13 kshell	CONFIGURATION MANAGEMENT
3.1.5.14 login	CONFIGURATION MANAGEMENT
3.1.5.15 netstat	CONFIGURATION MANAGEMENT
3.1.5.16 ntalk	CONFIGURATION MANAGEMENT
3.1.5.17 pcnfsd	CONFIGURATION MANAGEMENT
3.1.5.18 pop3	CONFIGURATION MANAGEMENT
3.1.5.19 rexd	CONFIGURATION MANAGEMENT
3.1.5.20 rquotad	CONFIGURATION MANAGEMENT
3.1.5.21 rstatd	CONFIGURATION MANAGEMENT
3.1.5.22 rusersd	CONFIGURATION MANAGEMENT
3.1.5.23 rwalld	CONFIGURATION MANAGEMENT
3.1.5.24 shell	CONFIGURATION MANAGEMENT
3.1.5.25 sprayd	CONFIGURATION MANAGEMENT
3.1.5.26 xmquery	CONFIGURATION MANAGEMENT
3.1.5.27 talk	CONFIGURATION MANAGEMENT
3.1.5.28 telnet	CONFIGURATION MANAGEMENT
3.1.5.29 tftp	CONFIGURATION MANAGEMENT
3.1.5.30 time	CONFIGURATION MANAGEMENT
3.1.5.31 uucp	CONFIGURATION MANAGEMENT
3.2.5 CDE - sgid/suid binary lockdown - /usr/dt/bin/dtaction	ACCESS CONTROL, MEDIA PROTECTION
3.2.5 CDE - sgid/suid binary lockdown - /usr/dt/bin/dtappgather	ACCESS CONTROL, MEDIA PROTECTION
3.2.5 CDE - sgid/suid binary lockdown - /usr/dt/bin/dtprintinfo	ACCESS CONTROL, MEDIA PROTECTION
3.2.5 CDE - sgid/suid binary lockdown - /usr/dt/bin/dtsession	ACCESS CONTROL, MEDIA PROTECTION

Detections

Analytics

CIS IBM AIX 7.1 L1 v2.1.0

Audit Details

File Details

Audit Items