DISA STIG AIX 6.1 v1r13

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: DISA STIG AIX 6.1 v1r13

Updated: 2/11/2019

Authority: DISA STIG

Plugin: Unix

Revision: 1.4

Estimated Item Count: 884

File Details

Filename: DISA_STIG_AIX_6.1_v1r13.audit

Size: 1.2 MB

MD5: 9bfd453a58384c0664ec15ef6d9a67fe
SHA256: dff9c939c6da3b5b70b82030d32472759dd24566fffff3c277a7783dc791e3f6

Audit Items

Description / Categories
DISA_STIG_AIX_6.1_v1r13.audit for AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE v1r13
GEN000000-AIX00020 - AIX Trusted Computing Base (TCB) software must be implemented.

ACCESS CONTROL

GEN000000-AIX00040 - The securetcpip command must be used - /etc/security/config has been configured

CONFIGURATION MANAGEMENT

GEN000000-AIX00040 - The securetcpip command must be used.

CONFIGURATION MANAGEMENT

GEN000000-AIX00060 - A baseline of AIX files with the TCB bit set must be checked weekly.

ACCESS CONTROL

GEN000000-AIX00080 - The SYSTEM attribute must not be set to NONE for any account.

IDENTIFICATION AND AUTHENTICATION

GEN000000-AIX0085 - The /etc/netsvc.conf file must be root owned.

CONFIGURATION MANAGEMENT

GEN000000-AIX0090 - The /etc/netsvc.conf file must be group-owned by bin, sys, or system.

CONFIGURATION MANAGEMENT

GEN000000-AIX0100 - The /etc/netsvc.conf file must have mode 0644 or less permissive.

CONFIGURATION MANAGEMENT

GEN000000-AIX0110 - The /etc/netsvc.conf file must not have an extended ACL.

ACCESS CONTROL

GEN000000-AIX0200 - The system must not allow directed broadcasts to gateway.

SYSTEM AND COMMUNICATIONS PROTECTION

GEN000000-AIX0210 - The system must provide protection from Internet Control Message Protocol (ICMP) attacks on TCP connections.

SYSTEM AND COMMUNICATIONS PROTECTION

GEN000000-AIX0220 - The system must provide protection for the TCP stack against connection resets, SYN, and data injection attacks.

SYSTEM AND COMMUNICATIONS PROTECTION

GEN000000-AIX0230 - The system must provide protection against IP fragmentation attacks.

SYSTEM AND COMMUNICATIONS PROTECTION

GEN000000-AIX0300 - The system must not have the bootp service active.

CONFIGURATION MANAGEMENT

GEN000000-AIX0310 - The /etc/ftpaccess.ctl file must exist.

CONFIGURATION MANAGEMENT

GEN000000-AIX0320 - The /etc/ftpaccess.ctl file must be owned by root.

CONFIGURATION MANAGEMENT

GEN000000-AIX0330 - The /etc/ftpaccess.ctl file must be group-owned by bin, sys, or system.

CONFIGURATION MANAGEMENT

GEN000000-AIX0340 - The /etc/ftpaccess.ctl file must have mode 0640 or less permissive.

CONFIGURATION MANAGEMENT

GEN000000-AIX0350 - The /etc/ftpaccess.ctl file must not have an extended ACL.

ACCESS CONTROL

GEN000020 - The system must require authentication upon booting into single-user and maintenance modes.
GEN000100 - The operating system must be a supported release.

SYSTEM AND INFORMATION INTEGRITY

GEN000120 - System security patches and updates must be installed and up-to-date - instfix -i

SYSTEM AND INFORMATION INTEGRITY

GEN000120 - System security patches and updates must be installed and up-to-date - oslevel -s

SYSTEM AND INFORMATION INTEGRITY

GEN000140 - A file integrity baseline must be created and maintained.
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file, system libraries or binaries changes.

SYSTEM AND INFORMATION INTEGRITY

GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'NTP daemon is running'

AUDIT AND ACCOUNTABILITY

GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'NTP daemon is started at boot'

AUDIT AND ACCOUNTABILITY

GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'NTP daemon uses approved sources'

AUDIT AND ACCOUNTABILITY

GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'xntpd is started at boot time'

AUDIT AND ACCOUNTABILITY

GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'xntpd|ntpd is running'

AUDIT AND ACCOUNTABILITY

GEN000241 - The system clock must be synchronized continuously, or at least daily - 'NTP daemon is running'

AUDIT AND ACCOUNTABILITY

GEN000241 - The system clock must be synchronized continuously, or at least daily - 'NTP daemon is started at boot'

AUDIT AND ACCOUNTABILITY

GEN000242 - The system must use at least two time sources for clock synchronization - 'at least 2 servers are configured'

AUDIT AND ACCOUNTABILITY

GEN000242 - The system must use at least two time sources for clock synchronization - 'NTP daemon is running'

AUDIT AND ACCOUNTABILITY

GEN000242 - The system must use at least two time sources for clock synchronization - 'NTP daemon is started at boot'

AUDIT AND ACCOUNTABILITY

GEN000244 - The system must use time sources local to the enclave.
GEN000250 - The time synchronization configuration file (such as /etc/ntp.conf) must be owned by root.

CONFIGURATION MANAGEMENT

GEN000251 - The time synchronization configuration file (such as /etc/ntp.conf) must be group-owned by bin, sys, or system.

CONFIGURATION MANAGEMENT

GEN000252 - The time synchronization configuration file (such as /etc/ntp.conf) must have mode 0640 or less permissive.

CONFIGURATION MANAGEMENT

GEN000253 - The time synchronization configuration file (such as /etc/ntp.conf) must not have an extended ACL.

ACCESS CONTROL

GEN000280 - Direct logins must not be permitted to shared, default, application, or utility accounts - '/etc/security/user rlogin=false'

ACCESS CONTROL

GEN000280 - Direct logins must not be permitted to shared, default, application, or utility accounts - 'results of last should be reviewed'

ACCESS CONTROL

GEN000290 - The system must not have unnecessary accounts - 'ftp does not exist'

ACCESS CONTROL

GEN000290 - The system must not have unnecessary accounts - 'games does not exist'

ACCESS CONTROL

GEN000290 - The system must not have unnecessary accounts - 'gopher does not exist'

ACCESS CONTROL

GEN000290 - The system must not have unnecessary accounts - 'guest does not exist'

ACCESS CONTROL

GEN000290 - The system must not have unnecessary accounts - 'lp does not exist'

ACCESS CONTROL

GEN000290 - The system must not have unnecessary accounts - 'news does not exist'

ACCESS CONTROL

GEN000290 - The system must not have unnecessary accounts - 'uucp does not exist'

ACCESS CONTROL