| GEN002690 - System audit logs must be group-owned by bin, sys, or system. | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditbin' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditcat' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditconv' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditmerge' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditcat' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditconv' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditstream' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'guest' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'ipsec' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'sys' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003090 - Crontab files must not have extended ACLs. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003100 - Cron and crontab directories must have mode 0755 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'adm' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'guest' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'sys' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003601 - TCP backlog queue sizes must be set appropriately. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN003605 - The system must not apply reversed source routing to TCP responses. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003610 - The system must not send IPv4 ICMP redirects. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003623 - The system must use a separate file system for the system audit data path. | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN003730 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be group-owned by bin, sys, or system - 'xinetd.conf' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003740 - The inetd.conf and xinetd.conf files must have mode 0440 or less permissive - 'xinetd.conf' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003865 - Network analysis tools must not be installed - 'ethereal' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN003865 - Network analysis tools must not be installed - 'tshark' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN004390 - The alias file must not have an extended ACL. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004500 - The SMTP service log file must have mode 0644 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004840 - If the system is an anonymous FTP server, it must be isolated to the DMZ network. | DISA STIG AIX 6.1 v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN004880 - The ftpusers file must exist. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004920 - The ftpusers file must be owned by root. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004940 - The ftpusers file must have mode 0640 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005000 - Anonymous FTP accounts must not have a functional shell. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005100 - The TFTP daemon must have mode 0755 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005120 - The TFTP daemon must be configured to vendor specs including a home directory owned by the TFTP user - 'tftp user shell' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005340 - Management Information Base (MIB) files must have mode 0640 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005375 - The snmpd.conf file must not have an extended ACL - '/etc/snmpdv3.conf' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005395 - The /etc/syslog.conf file must not have an extended ACL. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005400 - The /etc/syslog.conf file must be owned by root. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005501 - The SSH client must be configured to only use the SSHv2 protocol. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005760 - The NFS export configuration file must have mode 0644 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005840 - The NFS server must be configured to restrict file system access to local hosts - 'Exports containing rw should be reviewed' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN006150 - The /usr/lib/smb.conf file must not have an extended ACL. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN006210 - The /var/private/smbpasswd file must not have an extended ACL. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN006220 - The smb.conf file must use the hosts option to restrict access to Samba. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN006225 - Samba must be configured to use an authentication mechanism other than share. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN006380 - The system must not use UDP for NIS/NIS+. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN006400 - The Network Information System (NIS) protocol must not be used. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN006571 - The file integrity tool must be configured to verify extended attributes. | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006620 - The system's access control program must be configured to grant or deny system access to specific hosts - '/etc/hosts.deny' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN006640 - The system must use a virus scan program. | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN007850 - The DHCP client must not send dynamic DNS updates - 'updateDNS exists in /etc/dhcpcd.ini' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
