From z/OS RACF STIG
Part of ITCP0020
Associated with IA controls: DCCS-1, ECTM-2, DCCS-2, ECTM-1
During the initialization of TCP/IP servers and clients, the TCPIP.DATA configuration file provides information that is essential for proper operations of TCP/IP applications. Inappropriate values could result in undesirable operations and degraded security. This exposure may result in unauthorized access impacting data integrity or the availability of some system services.
Refer to the Data configuration file specified on the SYSTCPD DD statement in the TCPIP started task JCL. Automated Analysis Refer to the following report produced by the IBM Communications Server Data Collection: - PDI(ITCP0020) Verify that the following configuration statements are specified in the TCP/IP Data configuration file. If the following guidance is true, this is not a finding. TCPIPJOBNAME HOSTNAME DOMAINORIGIN DATASETPREFIX
The system programmer will review the configuration statements in the TCPIP.DATA file and ensure they conform to the specifications below: TCPIPJOBNAME - Specifies the job name of the TCP/IP address space. This name is also used as part of the name of some network security resources. HOSTNAME - Specifies the TCP/IP host portion of the DNS name of the system. DOMAINORIGIN - Specifies the default domain name used for DNS searches. DATASETPREFIX - Specifies the high-level qualifier to be used to dynamically allocate other configuration data sets. The TCPIP.DATA file acts as the anchor configuration data set for the TCP/IP stack and all TCP/IP servers and clients running in z/OS. During the initialization of TCP/IP servers and clients, the TCPIP.DATA file provides basic information that is essential for proper operation. The above TCPIP.DATA configuration parameters provide crucial information to TCP/IP applications.
	Lavender hyperlinks in small type off to the right (of CSS
	class id, if you view the page source) point to
	globally unique URIs for each document and item. Copy the
	link location and paste anywhere you need to talk
	unambiguously about these things.
	
      
	You can obtain data about documents and items in other
	formats. Simply provide an HTTP header Accept:
	text/turtle or
	Accept: application/rdf+xml.
      
Powered by sagemincer