Skip to content

IBM AIX 7.x Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • The timed daemon must be disabled on AIX.

    &lt;VulnDiscussion&gt;This is the old UNIX time service. The timed daemon is the old UNIX time service. Disable this service and use xntp, if time...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • If AIX server does not host an SNMP agent, the dpid2 daemon must be disabled.

    &lt;VulnDiscussion&gt;The dpid2 daemon acts as a protocol converter, which enables DPI (SNMP v2) sub-agents, such as hostmibd, to talk to a SNMP v1...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • If SNMP is not required on AIX, the snmpmibd daemon must be disabled.

    &lt;VulnDiscussion&gt;The snmpmibd daemon is a dpi2 sub-agent which manages a number of MIB variables. If snmpd is not required, it is recommended ...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • The aixmibd daemon must be disabled on AIX.

    &lt;VulnDiscussion&gt;The aixmibd daemon is a dpi2 sub-agent which manages a number of MIB variables. To prevent attacks this daemon should not b...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • The ndpd-host daemon must be disabled on AIX.

    &lt;VulnDiscussion&gt;This is the Neighbor Discovery Protocol (NDP) daemon, required in IPv6. The ndpd-host is the NDP daemon for the server. Unle...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules