Checklist Summary:

This document, Security Configuration Benchmark for AIX 5.3 and AIX 6.1, provides prescriptive guidance for establishing a secure configuration posture for AIX versions 5.3 and 6.1 running on the Power Systems platform. This guide was tested against AIX 5.3 TL-05 / TL-07 and AIX 6.1 TL-01, installed from IBM base installation media. To obtain the latest version of this guide, please visit http://cisecurity.org. If you have questions, comments, or have identified ways to improve this guide, please write us at feedback@cisecurity.org.

Checklist Role:

• Server Operating System

Known Issues:

Not provided

Target Audience:

IBM AIX IT Professionals

Target Operational Environment:

• Managed
• Specialized Security-Limited Functionality (SSLF)

Testing Information:

Tested on AIX 5.3 TL-05 / TL-07 and AIX 6.1 TL-01

Regulatory Compliance:

Not provided

Comments/Warnings/Miscellaneous:

Not provided

Disclaimer:

By using the Products and/or the Recommendations, I and/or my organization ("we") agree and acknowledge that: No network, system, device, hardware, software or component can be made fully secure; We are using the Products and the Recommendations solely at our own risk; We are not compensating CIS to assume any liabilities associated with our use of the Products or the Recommendations, even risks that result from CIS's negligence or failure to perform; We have the sole responsibility to evaluate the risks and benefits of the Products and Recommendations to us and to adapt the Products and the Recommendations to our particular circumstances and requirements; Neither CIS, nor any CIS Party (defined below) has any responsibility to make any corrections, updates, upgrades or bug fixes or to notify us if it chooses at it sole option to do so; and Neither CIS nor any CIS Party has or will have any liability to us whatsoever (whether based in contract, tort, strict liability or otherwise) for any direct, indirect, incidental, consequential, or special damages (including without limitation loss of profits, loss of sales, loss of or damage to reputation, loss of customers, loss of software, data, information or emails, loss of privacy, loss of use of any computer or other equipment, business interruption, wasted management or other staff resources or claims of any kind against us from third parties) arising out of or in any way connected with our use of or our inability to use any of the Products or Recommendations (even if CIS has been advised of the possibility of such damages), including without limitation any liability associated with infringement of intellectual property, defects, bugs, errors, omissions, viruses, worms, backdoors, Trojan horses or other harmful items.

Product Support:

No support agreement with product vendor

Point of Contact:

feedback@cisecurity.org

Sponsor:

Not provided

Licensing:

Copyrighted

Change History:

Updated to correct resource - Note - information request from CIS is required - 4/12/18
updated reference link per CIS instruction - 8/7/18
Updated URL - 7/26/19
Updated Reference URLs - 7/31/19
updated URLs - 9/24/19
updated reference URL - 9/27/19
Updated reference URL - 10/10/19
Updated references per IBM - 3/16/21
updated reference link - 7/18/2022
updated URLs - 9/6/2022
updated SHA -  9/12/2022
updated SHA - 9/16/2022
Archive - 8/31/23

Dependency/Requirements:

URL	Description
https://www.redbooks.ibm.com/redbooks/pdfs/sg246396.pdf	AIX 5L Auditing and Accounting (Redbook) SG24-6396-00
https://www.redbooks.ibm.com/redbooks/pdfs/sg247430.pdf	AIX 6 Advanced Security Features (Redbook) SG24-7430-00
https://www.redbooks.ibm.com/redbooks/pdfs/sg247463.pdf	AIX 5.3 Differences Guide (Redbook) SG24-7463-00
https://www.redbooks.ibm.com/redbooks/pdfs/sg247559.pdf	AIX 6.1 Differences Guide (Redbook) SG24-7559-00

References:

Reference URL	Description

NIST checklist record last modified on 08/31/2023