Aix_CheckList2

z371859256
2 ℃
2020-01-28

整理文档很辛苦，赏杯茶钱您下走！

还剩 ... 页未读，继续阅读 >>

免费阅读已结束，点击下载阅读编辑剩下 ... 页

阅读已结束，您可以下载文档离线阅读编辑

资源描述

AIXSecurityCheckListAIXSecurityCheckList第1页共29页1系统信息1.1系统网络设置1.1.1说明检查系统的网络设置1.1.2检查方法ifconfig-a1.1.3结果分析方法bash-2.04#ifconfig-aen0:flags=e080863UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BITinet192.168.7.250netmask0xffffff00broadcast192.168.7.255lo0:flags=e08084bUP,BROADCAST,LOOPBACK,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BITinet127.0.0.1netmask0xff000000broadcast127.255.255.255inet6::1/01.2系统当前路由1.2.1说明1.2.2检查方法netstat-nrAIXSecurityCheckListAIXSecurityCheckList第2页共29页1.2.3结果分析方法bash-2.04#netstat-nrRoutingtablesDestinationGatewayFlagsRefsUseIfPMTUExpGroupsRouteTreeforProtocolFamily2(Internet):default192.168.7.254UGc00en0--127/8127.0.0.1U4113lo0--192.168.7/24192.168.7.250U2157en0--192.168.10.195192.168.7.254UGHW1158en01500-RouteTreeforProtocolFamily24(Internetv6):::1::1UH00lo016896-1.3当前系统开放的端口1.3.1说明1.3.2检查方法netstat-na|grepLISTEN1.3.3结果分析方法bash-2.04#netstat-na|grepLISTENtcp400*.25*.*LISTENtcp400127.0.0.1.49213*.*LISTENAIXSecurityCheckListAIXSecurityCheckList第3页共29页tcp400*.2401*.*LISTENtcp400*.32772*.*LISTENtcp400*.809*.*LISTENtcp400*.808*.*LISTENtcp400*.32771*.*LISTENtcp400*.199*.*LISTENtcp400*.6112*.*LISTENtcp400*.32769*.*LISTENtcp400*.37*.*LISTENtcp400*.13*.*LISTENtcp400*.19*.*LISTENtcp400*.9*.*LISTENtcp400*.7*.*LISTENtcp00*.512*.*LISTENtcp400*.543*.*AIXSecurityCheckListAIXSecurityCheckList第4页共29页LISTENtcp00*.513*.*LISTENtcp400*.544*.*LISTENtcp00*.514*.*LISTENtcp00*.23*.*LISTENtcp00*.21*.*LISTENtcp400*.111*.*LISTENtcp400*.6000*.*LISTENtcp400*.32768*.*LISTEN1.4系统运行进程1.4.1说明1.4.2检查方法ps-ef1.4.3结果分析方法bash-2.04#ps-efAIXSecurityCheckListAIXSecurityCheckList第5页共29页UIDPIDPPIDCSTIMETTYTIMECMDroot10005:58:08-0:00/etc/initroot21443882005:59:43-0:00dtgreetroot23683118005:58:44-0:00/usr/lpp/X11/bin/X-D/usr/lib/X11//rgb-T-force:0-auth/var/dt/A:0-xidcUaroot29101005:59:01-0:00/usr/sbin/srcmstrroot31181005:58:43-0:00/usr/dt/bin/dtlogin-daemonroot34865170406:14:31pts/00:00ps-efroot38823118005:58:44-0:00dtlogin:0-daemonroot44081005:58:56-0:00/usr/sbin/syncd60root49081005:58:56-0:00/usr/lib/errdemonroot51707744106:01:34pts/00:00-bashroot55021005:59:31-0:00/usr/sbin/cronroot56982910005:59:05-0:00/usr/sbin/syslogdroot59402910005:59:08-0:00sendmail:acceptingconnectionsonport25root61922910005:59:11-0:00/usr/sbin/portmaproot64502910005:59:14-0:00/usr/sbin/inetdroot67082910005:59:18-0:00/usr/sbin/snmpdroot69662910005:59:21-0:00/usr/sbin/dpid2root77446450006:01:32-0:00telnetd-aroot80022910005:59:25-0:00/usr/sbin/biod6root82642910005:59:28-0:00/usr/sbin/rpc.statdroot85222910005:59:31-0:00/usr/sbin/rpc.lockdroot87821005:59:38-0:00/usr/sbin/uprintfdroot90342910005:59:35-0:00/usr/sbin/qdaemonroot92962910005:59:38-0:00/usr/sbin/writesrvroot100661005:59:38-0:00/usr/bin/AIXPowerMgtDaemonroot108381005:59:42lft00:00/usr/sbin/getty/dev/consoleAIXSecurityCheckListAIXSecurityCheckList第6页共29页imnadm110941005:59:41-0:00/usr/IMNSearch/httpdlite/httpdlite-r/etc/IMNSearch/httpdlite/httpdlite.confroot116121005:59:42-0:00/usr/lpp/diagnostics/bin/diagd1.5系统信息1.5.1说明1.5.2检查方法uname-a1.5.3结果分析方法bash-2.04#uname-aAIXaix434001381144C001.6系统及安装软件信息1.6.1说明1.6.2检查方法lslpp-Lall1.6.3结果分析方法bash-2.04#lslpp-LallFilesetLevelStateDescription----------------------------------------------------------------------------IMNSearch.rte.httpdlite2.0.0.1CNetQuestionWebServerAIXSecurityCheckListAIXSecurityCheckList第7页共29页Java.rte.bin1.1.8.0CJavaRuntimeEnvironmentExecutablesJava.rte.classes1.1.8.0CJavaRuntimeEnvironmentClassesJava.rte.lib1.1.8.0CJavaRuntimeEnvironmentLibrariesX11.Dt.ToolTalk4.3.3.50CAIXCDEToolTalkSupportX11.Dt.bitmaps4.3.3.0CAIXCDEBitmapsX11.Dt.helpmin4.3.3.0CAIXCDEMinimumHelpFilesX11.Dt.helprun4.3.3.0CAIXCDERuntimeHelpX11.Dt.lib4.3.3.75CAIXCDERuntimeLibrariesX11.Dt.rte4.3.3.75CAIXCommonDesktopEnvironment(CDE)1.0……xlC.msg.en_US.rte4.0.2.0CCSet++RuntimeMessages--U.S.EnglishxlC.rte4.0.2.0CCSet++RuntimeStateCodes:A--Applied.B--Broken.C--Committed.O--Obsolete.(partiallymigratedtonewerversion)?--InconsistentState...Runlppchk-v.AIXSecurityCheckListAIXSecurityCheckList第8页共29页2补丁安装情况oslevel-r3帐号和口令3.1禁止所有的系统默认帐户的登录权限3.1.1检查方法cat/etc/passwd3.1.2结果分析方法例：guest:!:100:100::/home/guest:3.1.3备注1.修改/etc/passwd文件，使系统默认用户没有shell，例：#chshuser/bin/falsenobody:!:4294967294:4294967294::/:/bin/false默认系统的帐户如下：daemon,bin,sys,adm,nobody,1.删除下列的无用的默认帐号，例：#rmuser–puser应该删除下列系统帐号：lpd，guest，uucp，nuucpAIXSecurityCheckListAIXSecurityCheckList第9页共29页3.2Passwd设置参数3.2.1说明增强passwd配置3.2.2检查方法cat/etc/security/user3.2.3结果分析方法default:admin=falselogin=truesu=truedaemon=truerlogin=truesugroups=ALLadmgroups=ttys=ALLauth1=SYSTEMauth2=NONEtpath=nosakumask=022expires=0SYSTEM=compatlogintimes=pwdwarntime=0account_locked=falseloginretries=0AIXSecurityCheckListAIXSecurityCheckList第10页共29页histexpire=0histsize=0minage=0maxage=0maxexpired=-1minalpha=0minother=0minlen=0mindiff=0maxrepeats=8dictionlist=pwdchecks=root:admin=trueSYSTEM=compatloginretries=0account_locked=false……3.2.4备注修改/etc/security/user文件#smitmkuser#smitchuserRestrictionValuesRecommendedValuesDefaultValuesMaximumValuesMinage005