Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-215410 | AIX7-00-003112 | SV-215410r508663_rule | Medium |
Description |
---|
The ability to boot from removable media is the same as being able to boot into single user or maintenance mode without a password. This ability could allow a malicious user to boot the system and perform changes possibly compromising or damaging the system. It could also allow the system to be used for malicious purposes by a malicious anonymous user. |
STIG | Date |
---|---|
IBM AIX 7.x Security Technical Implementation Guide | 2021-11-19 |
Check Text ( C-16608r294681_chk ) |
---|
Determine if the system is configured to boot from devices other than the system startup media by running command: # bootlist -m normal -o The returned values should be "hdisk{x}". If the system is setup to boot from a non-hard disk device, this is a finding. Additionally, ask the SA if the machine is setup for "multi-boot" in the SMS application. If multi-boot is enabled, the firmware will stop at boot time and request which image to boot from the user. If "multi-boot" is enabled, this is a finding. |
Fix Text (F-16606r294682_fix) |
---|
Configure the system to only boot from system startup media: # bootlist -m normal hdisk Set "multi-boot" to "off" in the SMS application. |