The securetcpip command must be used.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-4284 | GEN000000-AIX00040 | SV-4284r2_rule | ECSC-1 | Medium |
| Description |
|---|
| The AIX securetcpip command disables insecure network utilities, such as rcp, rlogin, rlogind, rsh, rshd, tftp, tftpd, and trpt/d. These services increase the attack surface of the system. |
| STIG | Date |
|---|---|
| AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2018-09-18 |
Details
| Check Text ( C-2446r2_chk ) |
|---|
| The securetcpip command is in /etc. If it is not there, this is a finding. Perform: more /etc/security/config If the stanza below is not there, this is a finding. tcpip: netrc = ftp, rexec The stanza indicates the securetcpip command, which disables all the unsafe tcpip commands, (e.g., rsh, rlogin, tftp) has been executed. |
| Fix Text (F-33317r1_fix) |
|---|
| Ensure secure tcp/ip has been invoked before allowing operations on the system. |