The AIX system must have no .netrc files on the system.
An XCCDF Rule
Description
<VulnDiscussion>Unencrypted passwords for remote FTP servers may be stored in .netrc files. Policy requires passwords be encrypted in storage and not used in access scripts.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-215403r1009555_rule
- Severity
- High
- References
- Updated
Remediation - Manual Procedure
Remove all ".netrc" file(s):
# find / -name .netrc -exec rm {} \;