Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-1013 | GEN008600 | SV-38835r1_rule | ECSC-1 | High |
Description |
---|
The ability to boot from removable media is the same as being able to boot into single user, or maintenance, mode without a password. This ability could allow a malicious user to boot the system and perform changes that could compromise or damage the system. It could also allow the system to be used for malicious purposes by a malicious anonymous user. |
STIG | Date |
---|---|
AIX 5.3 Security Technical Implementation Guide | 2012-05-25 |
Check Text ( C-37096r1_chk ) |
---|
Determine if the system is configured to boot from devices other than the system startup media. # bootlist -m normal -o The returned values should be hdisk{x}. If the system is setup to boot from a non-hard disk device, this is a finding. Additionally, ask the SA if the machine is setup for multi-boot in the SMS application. If multi-boot is enabled, the firmware will stop at boot time and request which image to boot from the user. If multi-boot is enabled, this is a finding. |
Fix Text (F-32367r1_fix) |
---|
Configure the system to only boot from system startup media. # bootlist -m normal hdisk< x > Set multi-boot to off in the SMS application. |