AIX skills (online search)

xiaoxiao2021-03-06  53

View system configuration:

# lscfg -vp

# uname -a

# uname -u

# lsattr -El sys0

# lscfg -vpl sysplanar0


Some points on AIX system file security

IBM Internet Servers Li Yifeng

This article discusses how to check the security of files, directories, and executables on AIX systems to prevent possible security hazards.

1. Delete junk files

After many programs run, they leave a lot of junk files in the /tmp directory. AIX provides the skulker command, which can delete a.out files, core files, and ed.hup files in the /tmp directory. Run it as follows:

# skulker -p

2. Delete files that have no owner

After a user is deleted from an AIX system, the files that belonged to that user are left without an owner. You can use the following command to find these files:

# find / -nouser -ls

If any of the files found are still needed, you can assign them to an existing user. Otherwise, delete them.

3. Manage unauthorized remote access

Some programs use the .rhosts file to access remote systems, but this mechanism is sometimes used by unauthorized users. To avoid this, you can delete .rhosts files.

In an HACMP environment, the .rhosts file is required. In that case, set the permissions of the .rhosts file to 600 and its owner to root.system.

Use the following command to find .rhosts files:

# find / -name .rhosts -ls

4. Monitor the attributes of executables

Before monitoring executable files, you need to understand how these files are used. In particular, monitor files that are owned by root and have the set-user-ID (SUID) or set-group-ID (SGID) bit set in the file mode.

You can find all files that meet these conditions with the following commands:

# find / -perm -4000 -user 0 -ls

# find / -perm -2000 -user 0 -ls

Save the output of these commands. Run the two commands periodically and compare the output with the saved results to see whether any unknown file has appeared, so that possible security hazards can be eliminated.
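The save-and-compare routine described above can be scripted. The following is an added example, not part of the original article; the function names and the baseline path in the usage comment are hypothetical, and it goes slightly beyond the article by recording a checksum so that a replaced binary is reported as well as a new one.

```shell
#!/bin/sh
# Added example (not from the original article). Function names and the
# baseline path in the usage comment are hypothetical.

# Print "checksum size path" for every regular file under $1 that is owned by
# uid $2 (default 0 = root) and has the SUID (4000) or SGID (2000) bit set.
# -type f is added to the article's find so cksum is not run on directories.
suid_snapshot() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -user "${2:-0}" \
        -exec cksum {} + 2>/dev/null | LC_ALL=C sort
}

# Compare the current state of $1 with the saved baseline file $2.
# First run: saves the baseline and returns 0.
# Later runs: return 0 if nothing is new, or print every entry that is new or
# whose checksum changed and return 1. The baseline is never updated
# automatically, so an administrator must review and accept each change.
suid_check() {
    current="$2.new"
    suid_snapshot "$1" "${3:-0}" > "$current"
    if [ ! -f "$2" ]; then
        mv "$current" "$2"
        echo "baseline saved to $2"
        return 0
    fi
    changes=$(LC_ALL=C comm -13 "$2" "$current")
    rm -f "$current"
    if [ -n "$changes" ]; then
        printf 'New or modified SUID/SGID files:\n%s\n' "$changes"
        return 1
    fi
    return 0
}

# Typical use from root's crontab (path is a placeholder):
#   suid_check / /var/adm/suid.baseline
```

Keep the baseline file outside the reach of non-root users, since anyone who can edit it can hide a new SUID file from the comparison.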

5. Manage background jobs run by cron and at

You must do the following:

- Confirm that only the root user is listed in the cron.allow and at.allow files.

- Remove the cron.deny and at.deny files from the /var/adm/cron directory.

- Make sure that cron and at jobs are owned by root and can only be written by root.

The points above are guidelines for file security on AIX systems. More aspects should be taken into account when considering the overall security of an AIX system.

--------------------

Several points about AIX system file security (continued)

IBM Internet Servers Li Yifeng

This article discusses security issues in X11 and CDE (Common Desktop Environment).

1. Delete the /etc/rc.dt file

Although the CDE graphical environment makes AIX easier to use, it also introduces security hazards. Therefore, systems that require higher security should not run CDE.

The best approach is not to install the CDE (dt) packages at all. If these packages are already installed, consider removing them, especially the CDE startup script /etc/rc.dt.

2. Block the remote monitoring function of the X server

A very important security issue is the remote monitoring mechanism of the X11 server. The xwd and xwud commands are often used to monitor X server activity, and they can capture keystrokes, which may leak passwords or other sensitive information.

To prevent this, you can delete these executables or restrict their execution to root. xwd and xwud are in the X11.apps.clients fileset.

If you need to use the xwd and xwud commands, consider using OpenSSH or MIT Magic Cookies. These third-party tools can effectively prevent the risks of using the xwd and xwud commands.

3. Prohibit users from using the xhost command

Make sure that only specified users, or only the superuser, can use the xhost command. To do this, run chmod to change the permissions of /usr/bin/X11/xhost:

# chmod 744 /usr/bin/X11/xhost

When running the xhost command, always specify a hostname; otherwise all remote hosts are allowed to access the machine, which creates a potential hazard.
