The security settings that AIX Security Expert can tune are further categorized into the following groups:
- Password policy rules control the password restrictions imposed on the root and non-root user accounts.
- Login policy recommendations define the login policies for root and non-root users on the system.
- Audit policy recommendations contain rules to enable auditing for system events related to TCP/IP, mail, logical volume manager (LVM) and some general system events, such as /etc/* file accesses.
- User group system and password definitions check for consistency of user, group, system and password definitions. If any discrepancies are found, the respective services will be disabled.
- Rules for /etc/inittab include rules to enable/disable services mentioned in /etc/inittab so they don’t start when the system boots.
- /etc/rc.tcpip settings contain the rules to enable/disable a few TCP/IP services, according to the security guidelines in various UNIX OS-hardening whitepapers.
- /etc/inetd.conf settings enable/disable network-related services.
- Disable SUID commands removes the set user ID (SUID) and set group ID (SGID) bits from the attack-prone SUID/SGID programs.
- Disable remote services disables unsecured remote-access services. For example, it stops the rlogind and rshd daemons and tweaks NFS-related configuration on the system.
- Remove unauthorized access disables remote access that doesn’t require passwords, for example by removing .rhosts and .netrc files.
- Tune network options tweaks the network options to the proper values on the system. Setting a network attribute to 0 disables the option, and setting it to 1 enables the option.
- IPSec filter rules turn on IPSec on the system and enable a few IPSec filter rules to avoid port scans.
- Miscellaneous includes various rules to tune user attributes like “core file size,” “umask,” “login herald” and more.