The system must be checked for extraneous device files at least weekly.

From AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE

Part of GEN002260

Associated with IA controls: ECSC-1

Associated with: CCI-000318

SV-923r2_rule The system must be checked for extraneous device files at least weekly.

Vulnerability discussion

If an unauthorized device is allowed to exist on the system, there is the possibility the system may perform unauthorized operations.

Check content

Check the system for an automated job, or check with the SA, to determine if the system is checked for extraneous device files on a weekly basis. If no automated or manual process is in place, this is a finding.

Fix text

Establish a weekly automated or manual process to create a list of device files on the system and determine if any files have been added, moved, or deleted since the last list was generated. Generate a list of device files. # find / -type b -o -type c > device-file-list

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer