APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

AIX Operating System Hardening Procedures & Security Guide

Some security packages address the problem by stripping all (or nearly all) network services and then instruct you to be careful about what you add to the system. That's a great approach but requires that you "get your hands on" the system before anyone laye rs anything onto it and you understand what you're adding to the system when you add it back in. These are two conditions that do not apply at many sites.\xa0 The approach here is different. We will consider services offered by the AIX 5.1 operating system, try to explain what each does, note the risks involved with each and make recommendations about what one ought to do to mitigate the risk.

Title Last Comment
Free Consultants List  
- Free Unix and Consultants List - add your listing here! -

AIX Operating System Hardening Procedures & Security Guide  
- System Hardening Procedures for AIX using the principle of least privilege. If the user does not need the service, they are not allowed to access that service. -

ncftp - a better ftp client  
- The advantages of ncftp include automatic resumption of failed downloads and ease of working through firewalls. -

AIX Secure Image Installation Procedures  
- NOTE: Screenshots are from an ASCII installation of AIX 5.1 using Windows HyperTerminal. -

AIX Survival Guide  
- Most reviewers have spoken very highly of this book. I hate to be the wet blanket, but I didn't think it was quite that good.

It's not a bad book, at all. I have to learn a bit about AIX for one of my clients, and I will say that this certainly gives me a head start on the curve. But I just had some bad feelings about some of the more general advice given (like the author's habit of adding SCSI devices on a running system or shutting down by simply "sync;sync" and powering off) to make me feel a little uncomfortable about the whole book. -

LOD Communications, Inc.