Detections
Analytics

CIS IBM AIX 7.2 L1 v1.1.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS IBM AIX 7.2 L1 v1.1.0

Updated: 12/3/2024

Authority: CIS

Plugin: Unix

Revision: 1.3

Estimated Item Count: 204

File Details

Filename: CIS_AIX_7.2_Benchmark_v1.1.0_Level_1.audit

Size: 322 kB

MD5: 4494ed64b473867614116cf43f889e79
SHA256: 3dd3c03b9179a6d87e1465f74cc6bb2f482053609b47860742bab1af4f1a0c91

Audit Items

DescriptionCategories
2.1 Collect system configuration regularly
2.2 Scan for TROJAN aka Untrusted/Unauthorized Applications (Implement Allowlist)
2.3 Allowlist Authorized Software and Report Violations
2.4 Allowlist Authorized Libraries and Report Violations
2.5 Allowlist Authorized Scripts and Report Violations
2.7 Remove Unused Symbolic Links
3.3 Ensure default user umask is 027 or more restrictive
3.4 Remove group write permission from default groups - exceptions must be in TSD and audit
3.5 Application Data with requirement for world writable directories
3.6 Ensure there are no world writable files - exceptions must be in TSD and audit
3.7 Ensure there are no 'staff' writable files - exceptions must be in TSD and audit
3.8 Ensure all files and directories are owned by a user (uid) and assigned to a group (gid)
4.1.1.1 Disable writesrv
4.1.1.2 dt
4.1.1.3 piobe
4.1.1.4 qdaemon
4.1.1.5 rc.nfs
4.1.1.6 cas_agent
4.1.2.1 inetd - aka Super Daemon
4.1.2.2 aixmibd
4.1.2.3 dhcpcd
4.1.2.4 dhcprd
4.1.2.5 dhcpsd
4.1.2.6 dpid2
4.1.2.7 gated
4.1.2.8 hostmibd
4.1.2.10 named
4.1.2.11 portmap
4.1.2.12 routed
4.1.2.13 rwhod
4.1.2.14 sendmail
4.1.2.15 snmpd
4.1.2.16 snmpmibd
4.1.2.17 timed
4.1.3.1 autoconf6
4.1.3.2 ndpd-host
4.1.3.3 ndpd-router
4.1.4.1 NFS - disable NFS client
4.1.4.3 NFS - enable both nosuid and nodev options on NFS client mounts
4.1.4.4 NFS - localhost removal
4.1.4.6 NFS - no_root_squash option
4.1.5.1 bootps
4.1.5.2 chargen
4.1.5.3 comsat
4.1.5.4 daytime
4.1.5.5 discard
4.1.5.6 echo
4.1.5.7 exec
4.1.5.8 finger
4.1.5.9 ftp