STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

If automated file system mounting tool is not required on AIX, it must be disabled.

DISA Rule

SV-215395r508663_rule

Vulnerability Number

V-215395

Group Title

SRG-OS-000378-GPOS-00163

Rule Version

AIX7-00-003090

Severity

CAT II

CCI(s)

CCI-001958 - The information system authenticates an organization-defined list of specific and/or types of devices before establishing a local, remote, or network connection.

Weight

Fix Recommendation

Disable the automated file system mounting tools.

Empty the /etc/auto_master file.

From the command prompt, run the following command:
# stopsrc -s automountd

Check Contents

Determine if the system uses "automated" by using command:

# lssrc -s automountd
Subsystem Group PID Status
automountd autofs inoperative

If the automountd process is active, this is a finding.

Vulnerability Number

V-215395

Documentable

False

Rule Version

AIX7-00-003090

Severity Override Guidance

Determine if the system uses "automated" by using command:

# lssrc -s automountd
Subsystem Group PID Status
automountd autofs inoperative

If the automountd process is active, this is a finding.

Check Content Reference

Target Key

4012

If automated file system mounting tool is not required on AIX, it must be disabled.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments