STIGQter STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 25 Apr 2019: AIX administrative accounts must not run a web browser, except as needed for local service administration.

DISA Rule

SV-101705r1_rule

Vulnerability Number

V-91607

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

AIX7-00-001032

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Enforce policy requiring administrative accounts use web browsers only for local service administration.

Check Contents

Inspect the root account home directory for a ".netscape" or a ".mozilla" directory using the following commands:
# find /home/root -name .netscape
# find /home/root -name .mozilla

If none exists, this is not a finding.

If a file exists, verify with the root users and the ISSO the intent of the browsing.

If a file exists and use of a web browser has not been authorized, this is a finding.

Vulnerability Number

V-91607

Documentable

False

Rule Version

AIX7-00-001032

Severity Override Guidance

Inspect the root account home directory for a ".netscape" or a ".mozilla" directory using the following commands:
# find /home/root -name .netscape
# find /home/root -name .mozilla

If none exists, this is not a finding.

If a file exists, verify with the root users and the ISSO the intent of the browsing.

If a file exists and use of a web browser has not been authorized, this is a finding.

Check Content Reference

M

Target Key

3491

Comments