欢迎来到天天文库
浏览记录
ID:30774008
大小:71.50 KB
页数:18页
时间:2019-01-03
《aix安全检查表》由会员上传分享,免费在线阅读,更多相关内容在工程资料-天天文库。
1、AIX安全检查表AixsecuritycheckAIXSecurityChecklistChapter1systembasicinformationUname-adisplayssysteminformation(hardwarenumber,systemname,hostname,operatingsystemversionandrelease)OsleveldisplaysthesystemversionThewho-rsystemcurrentrunlevelChapter2informationonsystemnetworkcardIfconfi
2、g-adisplaysallthenetworkcardinformationinthesystemChapter3:systemroutinginformationNetstat一nrshowsthesystemroutinginformationChapter4InternetconnectioninfonnationNetstat一nadisplaysthestatusofallnetworkconnectionscurrentlyinthesystemChapter5theoperatingsystemprocessinformationThep
3、s一efdisplaysalltheprocesseswithinthesystemChapter6thefilesystem,sbasicpermissionsinformationCheckthebasicdirectorypermissions:[Copytoclipboard]CODE:/etcThe/usr/var/TMP/dev/sbin/homeThe/usr/binThe/usr/libThe/usr/sbinThe/var/admThe/var/spoolCheckthemainconfigurationfilepermissions:
4、[Copytoclipboard]CODE:The/etc/passwdThe/etc/security/passwdThe/etc/security/userThe/etc/security/login.CFGThe/etc/inittabUsethefindcommandtofindallsetuid,setgid,andglobalwritablefilesanddirectories・Find/-perm-4000-IslooksforallthesetuidfilesFind/-perm-2000-lslooksforallthesetgidf
5、ilesFind/-perm-0004-IslooksforalltheglobalwritablefilesanddirectoriesChapter7thesystemallowsrootremotelogin7.1.CheckAIXsystemwithoutthelimitationontherootTelnetindividually,aswellasotherusers,fortherootusercanremoteloginrestrictionsinthefile/etc/security/userspecified・Thisoperati
6、oncanbethroughthefollowingthreeways:Usevitoviewandchangethe/etc/security/userfilesdirectly.Usingthelsuserandchusercommands;Viewandchangefromsmit(smitlsuser,smitchuser)・Thelsuser-a.rloginrootlooksattheroot,srloginattribute(defaultistrue,allowingremotelogin,Telnetorrlogin)Chuserrlo
7、gin二falserootpreventsrootfromlogginginThelsuser-attysrootlooksatroot'sttysproperties(rootuserallowsloginport)Chuserttys二IftOrootonlyallowsroottologinfromtheIftOport(native)7.2.ThecartonSettheuserattributeofroot,rlogin二false,ttys=IftOChapter8rc?Thestartoftheservicein.d8.1.CheckAIX
8、Systeminthemainserviceinthe/etc/inittabf
此文档下载收益归作者所有