AIX CHECKLIST
By: Frank W. Lyons
President of Entellus Technology Group, Inc.
407-774-8397
I. Preliminary Steps
A. Obtain an organizational chart of the group responsible for the operating environment.
B. Obtain any existing curity and control procedures
C. Obtain a description of the network configuration
D. Obtain a listing of the various systems (applications) supported by the operating system
小妇人英文简介
E. Obtain a job description of the System Administrator
II. Installation Audit Steps
A. Review any design criteria for system curity.
B. Determine whether the ur access is controlled through the operating system, the databa management system, or the application front-end menu system.
C. Determine what documentation standards exist and whether they are being followed.
D. Determine who acts as the Security Administrator for the operating environment.
E. Determine the standards for password management and construction.
F. Review any existing curity guidelines for urs, groups, and functions.
III. Physical Security
A. Review the network configuration to ensure that all network components are physicall
y cured.
The include File Servers, Bridges, Routers, Hubs/Concentrators, Gateways, Terminal Servers, and Modems.
B. Determine who is responsible and what documentation is required for configuration changes to the physical network.
Are the procedures effective?
deduct Are the changes to the network documented?
美国电影明星法文名字 Are urs and other impacted parties properly notified?
C. Ensure that only the System Administrator or other authorized personnel have physical access to the file rver console as the system can be rebooted from the ‘A’ drive and a new root password can be supplied.
IV. System Administration
A. Identify all the System Administrators.
$grep :0: /etc/passwd
B. Determine that each administrator requires this level of authority.
C. Determine the change control procedures over changes to urs, programs, menus, authorities, ur scripts, hardware and system software.
D. Determine that the proper person or group is responsible for monitoring the network that support the file rver.
E. Determine that the proper person or group is responsible for system shutdown and backups.
F. Determine if the System Administrator is supported by a backup or at a minimum their urid/password are kept in a cured location in ca of an emergency.
G. Determine who is responsible for maintaining licen agreements and if all agreement
s are being met.
重庆礼仪V. System Security
The System Administrator’s interface for the AIX system is the System Management Interface Tool (smit).
You can invoke smit by keying smit at the operating system prompt.
A. During the initial installation did the System Administrator create audit check sum files. The files will allow the Security Administrator to verify that no changes have been made since the installation of the system.
The audit check sum files should contain a single-line entry for each file having the following information: (See /etc/curity/sysck.cfg)
field comments
acl contains both ba and extended access control list data for the file
class a logical group to which this file belongs
pathname Absolute pathname
royal mail
owner Ether symbolic or numeric ID
horizon是什么意思
group Either symbolic or numeric ID
mode Symbolic reprentation as displayed by the ls -l commandyou and me
五年级英语手抄报
size Size of the file in bytes. Major and minor numbers are listed for devices
links Number of hard links to pathname
version Numeric value, reported by what(1).
checksum File contents computed by a checksum algorithm. This field reflects the
slightest change to a file, even a single character.
symlinks Indicates whether the file has symbolic or hard links
program the associated checking program
汕头翻译公司
