| GEN000000-AIX0350 - The /etc/ftpaccess.ctl file must not have an extended ACL. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000590 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes. | DISA STIG AIX 6.1 v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN001220 - All system files, programs, and directories must be owned by a system account - '/bin/*' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - '/etc/*' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN001240 - System files, programs, and directories must be group-owned by a system group - '/usr/lbin/*' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN001240 - System files, programs, and directories must be group-owned by a system group - '/usr/ucb/*' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/info/*' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001361 - NIS/NIS+/yp command files must not have extended ACLs - '/var/nis' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001430 - The /etc/security/passwd file must not have an extended ACL. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001490 - User home directories must not have extended ACLs. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001560 - All files and directories contained in user's home directories must have mode 0750 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001720 - All global initialization files must have mode 0644 or less permissive - '/etc/environment' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/csh.cshrc' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/csh.login' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/profile' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001780 - Global initialization files must contain the mesg -n or mesg n commands. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN001800 - All skeleton files (typically those in /etc/skel) must have mode 0644 or less permissive - '/etc/security/.profile' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001810 - Skeleton files must not have extended ACLs - '/etc/security/.profile' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.cshrc' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.emacs' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.login' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.logout' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.exrc' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.logout' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001980 - /etc/security/passwd file must not contain a plus (+) without defining entries for NIS+ netgroups or LDAP-'/etc/security/passwd' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN002000 - There must be no .netrc files on the system. | DISA STIG AIX 6.1 v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'hosts.equiv' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN002060 - All .rhosts, .shosts, .netrc, or hosts.equiv files must be accessible by only root or the owner - '~/shosts.equiv' - user | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002220 - All shell files must have mode 0755 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002660 - Auditing must be implemented. | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditbin' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditconv' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditselect' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditselect' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN003040 - Crontabs must be owned by root or the crontab creator. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'daemon' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'pconsole' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003190 - The cron log files must not have extended ACLs. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003240 - The cron.allow file must be owned by root, bin, or sys. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'invscout' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'lp' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'uucp' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003410 - The at directory must not have an extended ACL. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003430 - The 'at' directory must be group-owned by system, bin, sys, or cron. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003480 - The at.deny file must be owned by root, bin, or sys. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003602 - The system must not process ICMP timestamp requests. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003606 - The system must prevent local applications from generating source-routed packets. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003700 - Inetd and xinetd must be disabled or removed if no network services utilizing them are enabled | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN003720 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be owned by root or bin - 'inetd.conf' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN008480 - The system must have USB Mass Storage disabled unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
