UCF STIG Viewer Logo

The system must be checked for extraneous device files at least weekly.


Overview

Finding ID Version Rule ID IA Controls Severity
V-923 GEN002260 SV-923r2_rule ECSC-1 Low
Description
If an unauthorized device is allowed to exist on the system, there is the possibility the system may perform unauthorized operations.
STIG Date
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE 2018-09-18

Details

Check Text ( C-464r2_chk )
Check the system for an automated job, or check with the SA, to determine if the system is checked for extraneous device files on a weekly basis. If no automated or manual process is in place, this is a finding.

Fix Text (F-1077r2_fix)
Establish a weekly automated or manual process to create a list of device files on the system and determine if any files have been added, moved, or deleted since the last list was generated.

Generate a list of device files.
# find / -type b -o -type c > device-file-list