Default system accounts must be disabled or removed.


Overview

Finding ID: V-810
Version: GEN002640
Rule ID: SV-38897r1_rule
IA Controls: IAAC-1
Severity: Medium
Description
Vendor accounts and software may contain backdoors allowing unauthorized access to the system. These backdoors are common knowledge and present a threat to system security if the account is not disabled.
STIG Date
Draft AIX Security Technical Implementation Guide 2011-08-17

Details

Check Text (C-37188r1_chk)
Determine if default system accounts (such as those for guest, sys, bin, uucp, nuucp, daemon, smtp) have been disabled.
Procedure:
# grep account_locked /etc/security/user
If there are any unlocked default system accounts, this is a finding.
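The grep above prints the account_locked lines without the stanza they belong to, so it does not say which account is unlocked. The following is an added example, not part of the STIG text, that reports the listed default accounts by name. It assumes the stanza layout of /etc/security/user, that an account without its own account_locked line inherits the default stanza, and that true, yes and always all mean locked; the function names are hypothetical.

```shell
# Added example (not STIG text). Account list is taken from the check text.
DEFAULT_ACCOUNTS="guest sys bin uucp nuucp daemon smtp"

# unlocked_defaults FILE  (hypothetical helper; FILE "-" reads stdin)
# Prints one account per line. Accounts with no stanza in FILE are skipped.
unlocked_defaults() {
    awk -v want="$DEFAULT_ACCOUNTS" '
        BEGIN { n = split(want, names, " ") }
        /^[ \t]*\*/ || /^[ \t]*$/ { next }        # comment or blank line
        /^[^ \t=]+:[ \t]*$/ {                      # stanza header "name:"
            stanza = $1; sub(/:$/, "", stanza); seen[stanza] = 1; next
        }
        stanza != "" && /^[ \t]*account_locked[ \t]*=/ {
            v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v)
            locked[stanza] = v
        }
        END {
            for (i = 1; i <= n; i++) {
                u = names[i]
                if (!(u in seen)) continue
                # No explicit value: the account inherits the default stanza.
                v = (u in locked) ? locked[u] : locked["default"]
                if (v != "true" && v != "yes" && v != "always") print u
            }
        }
    ' "${1:-/etc/security/user}"
}

# Constructed sample in stanza format; not taken from a real host.
sample_user_file() {
    cat <<'EOF'
* constructed sample
default:
    account_locked = false

daemon:
    account_locked = true
bin:
    admin = true
sys:
    account_locked = always
guest:
    account_locked = false
uucp:
    account_locked = yes
EOF
}
sample_user_file | unlocked_defaults -    # prints guest and bin, one per line
```

Run with no argument on the AIX host to read /etc/security/user; any name printed is a finding under this check.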
Fix Text (F-24500r1_fix)
Lock the default system account(s).
# chuser account_locked=true <account name>