STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021

AIX must provide time synchronization applications that can synchronize the system clock to external time sources at least every 24 hours.

DISA Rule

SV-215208r508663_rule

Vulnerability Number

V-215208

Group Title

SRG-OS-000355-GPOS-00143

Rule Version

AIX7-00-001053

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit /etc/ntp.conf.

Configure the NTP server by adding the following line:
server server_ipaddr

Set maxpoll to a value of 16 or less by adding "maxpoll <value>".

Restart the NTP daemon:

# stopsrc -s xntpd
# startsrc -s xntpd

Check Contents

Check whether the time synchronization application "ntpd" is running using the command:

# lssrc -s xntpd
Subsystem Group PID Status
xntpd tcpip 4784536 active

If "ntpd" is showing "inoperative", this is a finding.

Check that an "ntp" server is configured using the command:

# grep server /etc/ntp.conf
server 10.110.20.10

If the command returns no output, this is a finding.

Check that the poll interval is less than 24 hours using the command:

# grep maxpoll /etc/ntp.conf
maxpoll=16

If "maxpoll" is set to a value larger than "16" (2^16 seconds ~= 18hr), this is a finding.
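
The two file-based checks above can be scripted so that commented-out "server" lines and both spellings of maxpoll are handled. This is an added example, not part of the STIG: check_ntp_conf and demo are hypothetical names, the sample files are constructed, it assumes maxpoll appears as "maxpoll 16" or "maxpoll=16", and the lssrc check is left out because it needs a live AIX host.

```shell
#!/bin/sh
# Added example (not STIG text): audit an ntp.conf-style file for the
# "server" and "maxpoll" checks of AIX7-00-001053.
# Prints one line per finding; returns 0 when compliant, 1 otherwise.
check_ntp_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "FINDING: cannot read $conf"; return 1; }
    awk '
        { sub(/#.*/, "") }                        # ignore comments such as "#server ..."
        $1 == "server" && NF >= 2 { servers++ }   # active server directive with an address
        {
            # Assumption: maxpoll is written "maxpoll 16" or "maxpoll=16"
            for (i = 1; i <= NF; i++) {
                val = ""
                if ($i == "maxpoll" && i < NF) val = $(i + 1)
                else if ($i ~ /^maxpoll=/) { val = $i; sub(/^maxpoll=/, "", val) }
                if (val == "") continue
                seen++
                if (val !~ /^[0-9]+$/) { printf "FINDING: maxpoll value \"%s\" is not numeric\n", val; bad++ }
                else if (val + 0 > 16) { printf "FINDING: maxpoll %d exceeds 16\n", val; bad++ }
            }
        }
        END {
            if (!servers) { print "FINDING: no server configured"; bad++ }
            if (!seen) print "NOTE: maxpoll is not set explicitly"
            exit (bad ? 1 : 0)
        }
    ' "$conf"
}

# Constructed samples: one compliant file, one with two findings.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'server 10.110.20.10\nmaxpoll=16\n' > "$dir/good.conf"
    printf '#server 10.110.20.10\nmaxpoll 17\n' > "$dir/bad.conf"
    for f in "$dir/good.conf" "$dir/bad.conf"; do
        echo "== $f"
        check_ntp_conf "$f" && echo "compliant"
    done
    rm -rf "$dir"
}
demo
```

On a real system, call check_ntp_conf /etc/ntp.conf and treat a non-zero return status as a finding.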

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

4012