GEN000000-AIX00040 – The securetcpip command must be used – /etc/security/config has been configured

Details

The AIX securetcpip command disables insecure network utilities, such as rcp, rlogin, rlogind, rsh, rshd, tftp, tftpd, and trpt/d. These services increase the attack surface of the system.

Solution

Ensure secure tcp/ip has been invoked before allowing operations on the system

Supportive Information

The following resource is also helpful.

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

800-53|AC-4(8)
CAT|II
CCI|CCI-000032
Group-ID|V-4284
Rule-ID|SV-4284r2_rule
STIG-ID|GEN000000-AIX00040
Vuln-ID|V-4284

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles