Before you start
This tutorial is for AIX systems administrators who want to better understand the network services in AIX and the impact each one has on system security. Administrators responsible for RS/6000s connected in some way to a public network can use the information in this tutorial to achieve the necessary balance between functionality and security.
No third-party tools are used in this presentation; only the components available to all AIX systems are explored and addressed. While a true security model takes much more than just turning off services and modifying configuration files, this tutorial provides a solid foundation to build upon to reach the goal of complete system integrity.
The examples in this tutorial were run on an IBM RS/6000 that had a complete installation of AIX 4.3.3, Maintenance Level 08. No software beyond that available on the AIX installation media was placed on the host. All practices and configurations discussed in this tutorial are equally applicable (and have been confirmed) on a production system running AIX 5L (5.1 ML 01).
It is important to understand the potential impact of any change made to a system's configuration; this is especially true when dealing with security-related concerns. Before making any modifications to a production system, be sure that the changes have first been tested in a suitable development environment. Always back up systems, wear a seat belt, and close the cover when striking.