AIX Security Expert Remove access that does not require Authentication group
AIX® supports few services that do not require user authentication to log into the network.
The /etc/hosts.equiv file and any local $HOME/.rhosts files define hosts and user accounts that can run remote commands on a local host without a password. Unless this capability is explicitly required, these files should be cleared.
Action button name | Description | Value set by AIX Security Expert | Undo |
---|---|---|---|
Remove rhosts and netrc services | .rhosts and .netrc files store usernames and passwords in plain text format, which can be exploited. |
|
Yes |
Remove entries from /etc/hosts.equiv file | The /etc/hosts.equiv file, along with a local user's $HOME/.rhosts file, defines which users on foreign hosts are permitted to remotely run commands on the local host. If someone on the foreign host learns the details of the username and hostname, they can find ways to run remote commands on the local host without any authentication. |
|
Yes |