AIX is an open UNIX operating environment that provides increased levels of integration, flexibility, and reliability that are essential for meeting the high demands of today's e-business applications. This focus on versatility allows AIX to be used under a wide variety of workloads, from running on a symmetric multiprocessor, capable of managing thousands of transactions per minute, to running on a single-node workstation used for application development.
Because one of the goals of AIX is to achieve this level of versatility and power, many services are immediately available when you finish installing the operating system. However, this can result in a configuration that is vulnerable to security exposures if the system is not configured appropriately. To minimize the number of possible security exposures, the system administrator must be able to identify the workload characteristics of the environment. System hardening is a global philosophy of system security that focuses strongly not only on detection, but also on prevention. It involves removing unnecessary services from the base operating system, restricting user access to the system, enforcing password restrictions, controlling user and group rights, and enabling system accounting.
Under the minimization procedures described in this paper, you identify and disable those operating system components and services that are not necessary for the task at hand. For example, if a system is being used as a file server, there is little benefit in enabling electronic mail (e-mail) services. E-mail services run as root, and there is a long history of e-mail-related security breaches. Proper system-hardening procedures call for these services to be shut down, resulting in a dedicated system with the fewest opportunities for exploitation.
This paper provides a baseline of AIX security for system administrators and offers guiding principles to help you begin securing your system. After reading it, you should be able to understand the importance of hardening an AIX system, as well as identify the location of the most important base operating system services and their functions. Hardening lets your system provide only the functionality that your environment actually needs. You should also have a better idea of when it is appropriate to disable some of these services. This paper is not meant to be a thorough source of information on all AIX-related security issues, such as when to use the Lightweight Directory Access Protocol (LDAP) or Internet Protocol Security (IPsec). For information on those and other issues, refer to the appropriate documentation.
The scope of this paper includes enforcing adequate password rules, implementing proper user-security mechanisms, enabling system auditing, and monitoring file and directory access. Also covered are important X11 and CDE security issues, as well as how to identify open communication ports and list open files. The last section of the paper includes tables that summarize common AIX services and network tunable parameters. Use these tables as building blocks to start implementing an appropriate hardening strategy for your system.
Before you begin implementing any system-hardening measures, read this paper carefully. Note those items that you deem relevant to the security of your system. As you go through the sections of this paper that apply to your security needs, identify those files you will need to modify and back them up. It is always a good idea to back up modified files because this action enables you to revert to a previous configuration if you need to restore your previous security settings. After you complete your modifications and have thoroughly tested them to ensure that they work as you had planned, store the backup files in a secure place outside the newly secured system, such as a backup server. This precaution will prevent unauthorized reinstatement of your previous configuration that would disable all system-hardening modifications you have made.
In a typical environment, installing software patches, fixes, and updates can cause some of your modifications to revert to their original settings. You can easily avoid this problem by developing a security plan in which you log your actions and keep a listing of the location of your backup files.
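As an added example (not taken from this paper or from AIX itself), the following POSIX shell script implements the back-up-and-verify practice just described: it copies the configuration files you are about to modify into a backup directory, records a checksum manifest, and can later re-check the live files so that a setting reverted by a fix or update install is noticed rather than silently lost. The backup directory name, the file paths and the sample file contents used in the demonstration are assumptions; the use of `csum -h SHA256` on AIX and its output format are likewise assumptions about that tool, with `sha256sum` and `cksum` as fallbacks so the script runs on other UNIX systems.

```shell
#!/bin/sh
# Added example: snapshot hardening-relevant configuration files with a
# checksum manifest, and later verify that the live copies still match.
# Not part of the paper; all paths and sample contents below are constructed.

# hash_file FILE: print a hex digest of FILE using whichever tool is present.
hash_file() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    elif command -v csum >/dev/null 2>&1; then
        csum -h SHA256 "$1" | cut -d' ' -f1      # AIX (assumed output: "<digest> <file>")
    else
        cksum "$1" | cut -d' ' -f1               # weak fallback, integrity only
    fi
}

# snapshot BACKUP_DIR FILE...: copy each file under BACKUP_DIR (keeping its
# path) and append "<digest> <path>" to BACKUP_DIR/MANIFEST.
snapshot() {
    dir=$1; shift
    mkdir -p "$dir"
    : > "$dir/MANIFEST"
    for f in "$@"; do
        [ -f "$f" ] || { echo "skip: $f (not a regular file)" >&2; continue; }
        mkdir -p "$dir/$(dirname "$f")"
        cp -p "$f" "$dir/$f"                     # -p keeps mode and timestamps
        printf '%s %s\n' "$(hash_file "$f")" "$f" >> "$dir/MANIFEST"
    done
}

# verify BACKUP_DIR: compare every manifest entry with the live file.
# Prints MISSING/CHANGED lines; returns 1 if anything drifted, 0 otherwise.
verify() {
    dir=$1
    rc=0
    while read -r sum path; do
        if [ ! -f "$path" ]; then
            echo "MISSING $path"; rc=1
        elif [ "$(hash_file "$path")" != "$sum" ]; then
            echo "CHANGED $path"; rc=1
        fi
    done < "$dir/MANIFEST"
    return $rc
}

# demo: constructed walkthrough. Creates two sample files in a scratch
# directory, snapshots them, simulates a reverted setting in one of them and
# runs verify. Returns verify's status (1 = drift detected).
demo() {
    work=$(mktemp -d)
    printf 'loginretries = 5\n' > "$work/login.cfg"                     # constructed sample
    printf 'ftp stream tcp6 nowait root /usr/sbin/ftpd ftpd\n' > "$work/inetd.conf"
    snapshot "$work/backup" "$work/login.cfg" "$work/inetd.conf"
    printf 'loginretries = 0\n' > "$work/login.cfg"                     # simulate a revert
    if verify "$work/backup"; then status=0; else status=1; fi
    rm -rf "$work"
    return $status
}

if [ "${1:-}" = demo ]; then demo; fi
```

In practice you would run `snapshot /secure/backup/$(date +%Y%m%d) /etc/security/login.cfg ...` before editing, copy the backup directory to a backup server as the paper recommends, and run `verify` against it after every fix or update install; a `CHANGED` line tells you exactly which hardened setting to re-apply.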
Finally, perform all system-hardening procedures before the system goes into production. Bringing your system down when it is in production could prove costly to your operation, even if the objective is to make it more secure.
