AIX User Data Protection

[Arumugan]

Hi all,

I am using AIX operating system that sold by IBM. I require to achieve full access control, on the subject and object, as well as subject and object of the operation of the implementation of access control policy. Subjects, including mainframe, users and processes, objects, including processes, files, directories, device. Access control policy to cover all operations, including reading and writing. Need the system to achieve their own access control policy. Please suggest.

[Devasis]

You need to go the following test method:
(1) the system umask should be 077 or 027
(2) important data files must be controlled by the ACL list.
(3) ACL list of editing commands:
aclget display a file's ACL list
(3) Instfix-i and oslevel-rl view the current installation of the system maintenance level.
(4) Access control functions (FDP_ACF)

Check and reply.

[Solomon]

A clearly defined user rights. A user belonging to a particular group, and in accordance with the need to assign the appropriate role. Use netstat-an and netstat-a command to view the system to open the port, and record the port and the corresponding procedures. Data identification (FDP_DAU). The operating system should ensure that the object information content of the authenticity of the identity of the operating system should guarantee the authenticity of the main body. All the best.

[MrChris-]

For AIX operating system, user data file using specific key terms to produce a summary of the key parameters of the MD5 to carry out the authenticity test. You need to install the free md5 tool or other third-party software. Use swatch command to control media distribution systems thorough examination of all the binary files, with particular attention to the following documents: telnet, in.telnetd, login, su, ftp, ls, ps, netstat, ifconfig, find, du, df, libc, sync, inetd, and syslogd. Also check was / etc / inetd.conf file, network and system procedures, dynamic library files referenced in any binary files; check for new SUID and SGID files. Check and reply.

[Calvin K]

Use the following command to print out the file system in all of the SUID file

Code:

find /-type f-perm -4000-print

If it is found and the original backup is inconsistent, please use the backup file to restore the original file. Therefore, an administrator should periodically check the system to run inspection procedures and whether the abnormal suid / guid program: something like the following command

Code:

find /-type f \ (-perm -04000-o-perm -02000 \) \-exec ls-lg () \;> suid-sguid-

Check and reply.

[Lillebror]

The various parts of AIX operating system to realize the object information storage media on the residual information protection, to achieve component. For a subset of the object to ensure that the resources allocated to the object or from object to release the resources in the remnants of the information is not available.You can View deleted data storage medium, whether the deleted data objects already vn place to implement a real deletion. Check and reply.