AIX Vulnerability Assessments

Viewing 2 reply threads
  • Author
    Posts
    • #8457
      ras76
      Participant

      Has anyone had any experience in doing security audits of Servers running AIX 6.1 O/S?

      If so can you recommend any free vulnerability scanners/best practice analyzers in the mould of Microsoft Baseline Security Analyzer for computers running Windows Server – that can audit AIX?

      Plus any common weaknesses/default weaknesses you find with servers running AIX as their OS.

      It would be useful to identify any tools that can export hashes for local admin accoiunts, and tools to run dictionary password attacks over the hashes as well.

    • #52999
      Triban
      Participant

      Welcome to AIX, bit of a different beast from Windows.  http://www.auditunix.com/unix-security-tool/ this might help.  Some of the best practices around securing Linux can also apply to AIX – root shouldn’t have remote access, users should remote in with their IDs and use SUDO to execute elevated commands.  don’t use telnet if other more secure methods are supported.  Here is a link to a Tenable post, it is older, but some of the plugins may still apply: http://www.tenable.com/blog/aix-best-practice-and-pci-configuration-audits.  You will probably require SSH access to the systems to adequately audit them.  Oh and be careful when scanning these systems, they area  bit more sensitive than Windows and some scanners will break them even if you are running with safe scans.

      Good luck!

    • #53000
      ras76
      Participant

      @3xban wrote:

      Welcome to AIX, bit of a different beast from Windows.  http://www.auditunix.com/unix-security-tool/ this might help.  Some of the best practices around securing Linux can also apply to AIX – root shouldn’t have remote access, users should remote in with their IDs and use SUDO to execute elevated commands.  don’t use telnet if other more secure methods are supported.  Here is a link to a Tenable post, it is older, but some of the plugins may still apply: http://www.tenable.com/blog/aix-best-practice-and-pci-configuration-audits.  You will probably require SSH access to the systems to adequately audit them.  Oh and be careful when scanning these systems, they area  bit more sensitive than Windows and some scanners will break them even if you are running with safe scans.

      Good luck!

      Thanks 3xban , is John the Ripper still the best tool for password cracking of AIX, as it would be traditional *nix systems?

Viewing 2 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?