Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The securetcpip command must be used.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-4284 | GEN000000-AIX00040 | SV-4284r2_rule | ECSC-1 | Medium |
| Description |
|---|
| The AIX securetcpip command disables insecure network utilities, such as rcp, rlogin, rlogind, rsh, rshd, tftp, tftpd, and trpt/d. These services increase the attack surface of the system. |
| STIG | Date |
|---|---|
| AIX 5.3 Security Technical Implementation Guide | 2012-05-25 |
Details
| Check Text ( C-2446r2_chk ) |
|---|
| The securetcpip command is in /etc. If it is not there, this is a finding. Perform: more /etc/security/config If the stanza below is not there, this is a finding. tcpip: netrc = ftp, rexec The stanza indicates the securetcpip command, which disables all the unsafe tcpip commands, (e.g., rsh, rlogin, tftp) has been executed. |
| Fix Text (F-33317r1_fix) |
|---|
| Ensure secure tcp/ip has been invoked before allowing operations on the system. |