TCPIP.DATA configuration statements for the TCP/IP stack will be properly specified.

From z/OS TSS STIG

Part of ITCP0020

Associated with IA controls: DCCS-1, ECTM-2, DCCS-2, ECTM-1

SV-3216r2_rule TCPIP.DATA configuration statements for the TCP/IP stack will be properly specified.

Vulnerability discussion

During the initialization of TCP/IP servers and clients, the TCPIP.DATA configuration file provides information that is essential for proper operations of TCP/IP applications. Inappropriate values could result in undesirable operations and degraded security. This exposure may result in unauthorized access impacting data integrity or the availability of some system services.

Check content

Refer to the Data configuration file specified on the SYSTCPD DD statement in the TCPIP started task JCL. Automated Analysis Refer to the following report produced by the IBM Communications Server Data Collection: - PDI(ITCP0020) Verify that the following configuration statements are specified in the TCP/IP Data configuration file. If the following guidance is true, this is not a finding. TCPIPJOBNAME HOSTNAME DOMAINORIGIN DATASETPREFIX

Fix text

The system programmer will review the configuration statements in the TCPIP.DATA file and ensure they conform to the specifications below: TCPIPJOBNAME - Specifies the job name of the TCP/IP address space. This name is also used as part of the name of some network security resources. HOSTNAME - Specifies the TCP/IP host portion of the DNS name of the system. DOMAINORIGIN - Specifies the default domain name used for DNS searches. DATASETPREFIX - Specifies the high-level qualifier to be used to dynamically allocate other configuration data sets. The TCPIP.DATA file acts as the anchor configuration data set for the TCP/IP stack and all TCP/IP servers and clients running in z/OS. During the initialization of TCP/IP servers and clients, the TCPIP.DATA file provides basic information that is essential for proper operation. The above TCPIP.DATA configuration parameters provide crucial information to TCP/IP applications.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer