III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The ntalk daemon must be disabled on AIX.
<VulnDiscussion>This service establishes a two-way communication link between two users, either locally or remotely. Unless required the ntal...Rule High Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The chargen daemon must be disabled on AIX.
<VulnDiscussion>This service is used to test the integrity of TCP/IP packets arriving at the destination. This chargen service is a characte...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The discard daemon must be disabled on AIX.
<VulnDiscussion>The discard service is used as a debugging and measurement tool. It sets up a listening socket and ignores data that it recei...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The dtspc daemon must be disabled on AIX.
<VulnDiscussion>The dtspc service deals with the CDE interface of the X11 daemon. It is started automatically by the inetd daemon in response...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The pcnfsd daemon must be disabled on AIX.
<VulnDiscussion>The pcnfsd service is an authentication and printing program, which uses NFS to provide file transfer services. This service ...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The rstatd daemon must be disabled on AIX.
<VulnDiscussion>The rstatd service is used to provide kernel statistics and other monitorable parameters pertinent to the system such as: CPU...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The rusersd daemon must be disabled on AIX.
<VulnDiscussion>The rusersd service runs as root and provides a list of current users active on a system. An attacker may use this service to...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The sprayd daemon must be disabled on AIX.
<VulnDiscussion>The sprayd service is used as a tool to generate UDP packets for testing and diagnosing network problems. The service must be...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The klogin daemon must be disabled on AIX.
<VulnDiscussion>The klogin service offers a higher degree of security than traditional rlogin or telnet by eliminating most clear-text passwo...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The kshell daemon must be disabled on AIX.
<VulnDiscussion>The kshell service offers a higher degree of security than traditional rsh services. However, it still does not use encrypted...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The rquotad daemon must be disabled on AIX.
<VulnDiscussion>The rquotad service allows NFS clients to enforce disk quotas on file systems that are mounted on the local system. This serv...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The tftp daemon must be disabled on AIX.
<VulnDiscussion>The tftp service allows remote systems to download or upload files to the tftp server without any authentication. It is there...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The imap2 service must be disabled on AIX.
<VulnDiscussion>The imap2 service or Internet Message Access Protocol (IMAP) supports the IMAP4 remote mail access protocol. It works with se...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The pop3 daemon must be disabled on AIX.
<VulnDiscussion>The pop3 service provides a pop3 server. It supports the pop3 remote mail access protocol. It works with sendmail and bellmai...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The finger daemon must be disabled on AIX.
<VulnDiscussion>The fingerd daemon provides the server function for the finger command. This allows users to view real-time pertinent user lo...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The instsrv daemon must be disabled on AIX.
<VulnDiscussion>The instsrv service is part of the Network Installation Tools, used for servicing servers running AIX 3.2. This service shoul...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The echo daemon must be disabled on AIX.
<VulnDiscussion>The echo service can be used in Denial of Service or SMURF attacks. It can also be used by someone else to get through a fire...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The Internet Network News (INN) server must be disabled on AIX.
<VulnDiscussion>Internet Network News (INN) servers access Usenet newsfeeds and store newsgroup articles. INN servers use the Network News Tr...Rule Medium Severity -
SRG-OS-000096-GPOS-00050
<GroupDescription></GroupDescription>Group -
If Stream Control Transmission Protocol (SCTP) must be disabled on AIX.
<VulnDiscussion>The Stream Control Transmission Protocol (SCTP) is an IETF-standardized transport layer protocol. This protocol is not yet wi...Rule Medium Severity -
SRG-OS-000096-GPOS-00050
<GroupDescription></GroupDescription>Group -
The Reliable Datagram Sockets (RDS) protocol must be disabled on AIX.
<VulnDiscussion>The Reliable Datagram Sockets (RDS) protocol is a relatively new protocol developed by Oracle for communication between the n...Rule Medium Severity -
SRG-OS-000378-GPOS-00163
<GroupDescription></GroupDescription>Group -
If automated file system mounting tool is not required on AIX, it must be disabled.
<VulnDiscussion>Automated file system mounting tools may provide unprivileged users with the ability to access local media and network shares...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
AIX process core dumps must be disabled.
<VulnDiscussion>A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could ...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
AIX kernel core dumps must be disabled unless needed.
<VulnDiscussion>Kernel core dumps may contain the full contents of system memory at the time of the crash. Kernel core dumps may consume a co...Rule Medium Severity -
SRG-OS-000142-GPOS-00071
<GroupDescription></GroupDescription>Group -
AIX must set Stack Execution Disable (SED) system wide mode to all.
<VulnDiscussion>DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot ac...Rule Medium Severity -
SRG-OS-000420-GPOS-00186
<GroupDescription></GroupDescription>Group -
AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces.
<VulnDiscussion>DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot ac...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.