Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The AIX system must have no .netrc files on the system.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-91289 | AIX7-00-003101 | SV-101387r1_rule | High |
| Description |
|---|
| Unencrypted passwords for remote FTP servers may be stored in .netrc files. Policy requires passwords be encrypted in storage and not used in access scripts. |
| STIG | Date |
|---|---|
| IBM AIX 7.x Security Technical Implementation Guide | 2020-02-24 |
Details
| Check Text ( C-90443r1_chk ) |
|---|
| Check the system for the existence of any ".netrc" files by running the following command: # find / -name .netrc If any ".netrc" file exists, this is a finding. |
| Fix Text (F-97487r1_fix) |
|---|
| Remove all ".netrc" file(s): # find / -name .netrc -exec rm {} \; |