The first time you sign into developerWorks, a profile is created for you. Select information in your profile (name, country/region, and company) is displayed to the public and will accompany any content you post. You may update your IBM account at any time.

All information submitted is secure.

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerworks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

All information submitted is secure.

My developerWorks:

My notifications:

Sign out

Select a language:

Securing AIX Network Services

Sandor W. Sklar (ssklar@stanford.edu), Systems Administrator, Freelance Developer

Sandor W. Sklar is a Unix systems administrator at Stanford University, in beautiful Northern California. When not poking through his systems for real or imagined security holes, he enjoys spending time with his wife and two children.

Summary: Better understand the network services in AIX and the impact each one has on system security. Administrators responsible for RS/6000s connected in some way to a public network can use the information in this tutorial to achieve the necessary balance between functionality and security.

Date: 24 Dec 2001
Level: Intermediate
PDF: A4 and Letter (514 KB | 24 pages)Get Adobe® Reader®

Activity: 13446 views
Comments:

Resources

Participate in the discussion forum.
The IBM RedBooks UNIX Portal provides a wealth of information on all aspects of AIX administration. Of particular interest to those looking to improve system security is:
- SG24-5971 Additional AIX Security Tools on IBM (e)server pSeries, IBM RS/6000, and SP/Cluster
SecurityFocus is an excellent community news site, focusing on computer security incidents, news, and features.
The CERT Coordination Center, provided by Carnegie Mellon University, is research and development center, concentrating on Internet security vulnerabilities and publishing security alerts affecting all computing platforms.
In conjunction with the Federal Bureau of Investigation (FBI), the SANS Institute also publishes The Twenty Most Critical Internet Security Vulnerabilities, updated regularly as new problems spring to the forefront.
OpenSSH is an open source implementation of the Secure Shell standard suite. It provides secure replacements for telnet, ftp, rsh, rlogin, and rcp, as well as a method of encrypting other TCP/IP network protocols transparently. OpenSSH should be included in every Unix distribution by default.
Nmap is a port scanner that can be used to determine the network footprint of a system, and detect services that shouldn't be running. Nmap is an important tool in the arsenal of the security-conscious administrator.
Nessus is a remote network security auditing tool. By scanning the hosts with nessus, administrators will know all the vulnerable spots, hopefully before the bad guys do.