This article discusses how to check the security of files, directories and executable programs on AIX systems, to prevent possible security risks.
1. Delete junk files
Many programs leave a lot of junk files in the /tmp directory after they finish running. AIX provides the skulker command, which removes a.out files, core files and ed.hup files from the /tmp directory. The command is run as follows:
# skulker -p
2. Delete files with no owner
On AIX systems, when a user is deleted, the files that user owned are left without an owner. You can use the following command to find these files:
# find / -nouser -ls
If the files that are found are still needed, assign them to an existing user. Otherwise, delete them.
3. Manage unauthorized remote access
Some programs use the .rhosts file to access remote systems. However, this mechanism is sometimes used by unauthorized users. To avoid this, you can delete the .rhosts file.
In an HACMP environment, the .rhosts file is required. In that case, set the permissions of the .rhosts file to 600 and its owner to root.system.
The following command can be used to find .rhosts files:
# find / -name .rhosts -ls
4. Monitor executable file attributes
Before monitoring particular executable files, you need to understand how these files are used. In particular, monitor files that are owned by root and have the SUID or SGID bit set.
The following commands find all files that meet these conditions:
# find / -perm -4000 -user 0 -ls
# find / -perm -2000 -user 0 -ls
Save the output of these commands. Run the two commands periodically and compare the results with the saved output to see whether any unknown files have appeared, to prevent possible security risks.
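The save-and-compare routine described above can be scripted. The following is an added example, not part of the original article; the function names, the init/check arguments and the baseline file location are assumptions of this sketch. It records paths only, because the -ls output also contains timestamps and inode numbers that change between runs.

```shell
#!/bin/sh
# Added example: baseline-and-compare for SUID/SGID files (hypothetical helper names).
# Paths containing newlines are not handled.

# list_privileged ROOT [UID]
# Print the sorted paths of regular files under ROOT that are owned by UID
# (default 0, i.e. root) and have the SUID or SGID bit set.
list_privileged() {
    find "$1" -type f -user "${2:-0}" \( -perm -4000 -o -perm -2000 \) -print \
        2>/dev/null | LC_ALL=C sort
}

# save_baseline ROOT BASELINE_FILE [UID]
# Record the current state; run once after reviewing every file in the list.
save_baseline() {
    list_privileged "$1" "$3" > "$2"
}

# new_since_baseline ROOT BASELINE_FILE [UID]
# Print files that are privileged now but are not in the baseline.
new_since_baseline() {
    list_privileged "$1" "$3" | LC_ALL=C comm -13 "$2" -
}

# removed_since_baseline ROOT BASELINE_FILE [UID]
# Print baseline entries that no longer exist or are no longer privileged.
removed_since_baseline() {
    list_privileged "$1" "$3" | LC_ALL=C comm -23 "$2" -
}

# Command-line use (the baseline path is an assumption; keep it root-only):
#   sh suidcheck.sh init  / /etc/security/suid.baseline
#   sh suidcheck.sh check / /etc/security/suid.baseline
case "${1:-}" in
    init)  save_baseline "${2:-/}" "$3" ;;
    check) new_since_baseline "${2:-/}" "$3" ;;
esac
```

Any path printed by the check step should be reviewed before the baseline is regenerated, otherwise an unknown file is silently accepted into the next comparison.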
5. Manage background jobs run by cron and at
You must do the following:
- Ensure that root is the only user listed in the cron.allow and at.allow files.
- Remove the cron.deny and at.deny files from the /var/adm/cron directory.
- Ensure that cron and at jobs are owned by root and writable only by root.
The points above are useful guidance for the security of AIX systems. When securing an AIX system as a whole, other areas should also be considered.