III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
If SNMP is not required on AIX, the snmpmibd daemon must be disabled.
<VulnDiscussion>The snmpmibd daemon is a dpi2 sub-agent which manages a number of MIB variables. If snmpd is not required, it is recommended ...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The aixmibd daemon must be disabled on AIX.
<VulnDiscussion>The aixmibd daemon is a dpi2 sub-agent which manages a number of MIB variables. To prevent attacks this daemon should not b...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The ndpd-host daemon must be disabled on AIX.
<VulnDiscussion>This is the Neighbor Discovery Protocol (NDP) daemon, required in IPv6. The ndpd-host is the NDP daemon for the server. Unle...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The ndpd-router must be disabled on AIX.
<VulnDiscussion>This manages the Neighbor Discovery Protocol (NDP) for non-kernel activities, required in IPv6. The ndpd-router manages NDP ...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The daytime daemon must be disabled on AIX.
<VulnDiscussion>The daytime service provides the current date and time to other servers on a network. This daytime service is a defunct time...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The cmsd daemon must be disabled on AIX.
<VulnDiscussion>This is a calendar and appointment service for CDE. The cmsd service is utilized by CDE to provide calendar functionality. I...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The ttdbserver daemon must be disabled on AIX.
<VulnDiscussion>The ttdbserver service is the tool-talk database service for CDE. This service runs as root and should be disabled. Unless re...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The uucp (UNIX to UNIX Copy Program) daemon must be disabled on AIX.
<VulnDiscussion>This service facilitates file copying between networked servers. The uucp (UNIX to UNIX Copy Program), service allows users ...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The time daemon must be disabled on AIX.
<VulnDiscussion>This service can be used to synchronize system clocks. The time service is an obsolete process used to synchronize system cl...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The talk daemon must be disabled on AIX.
<VulnDiscussion>This talk service is used to establish an interactive two-way communication link between two UNIX users. Unless required the ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.