UNIX Security Checklist, Version 5, Release 1.6

Version 5, Release 1.6

Final

Not Available

2007-05-15

Operating System

Hewlett-Packard (HP)
International Business Machines (IBM)
Sun Microsystems (SUN)
Redhat Software

HP-UX 10.20 and later
AIX 4.3 and later
Solaris 2.5.1 and later
Redhat Linux 6.2 and later

HP-UX 10.20 and later
AIX 4.3 and later
Solaris 2.5.1 and later
Redhat Linux 6.2 and later

Operating System

The UNIX Security Checklist targets conditions that undermine the integrity of security, contribute to inefficient security operations and administration, or may lead to interruption of production operations. This document consists of an SRR guide that focuses strictly on various UNIX versions: HP-UX 10.20 and later, AIX 4.3 and later, Solaris 2.5.1 and later, and Redhat Linux 6.2 and later. Additionally, this checklist ensures the site has properly installed and implemented the UNIX operating system environment and that it is being managed in a way that is secure, efficient, and effective, through procedures outlined in the checklist. The items reviewed are based on standards and requirements published by DISA in the Security Handbook and the UNIX Security Technical Implementation Guide. The results of the SRR scripts will coincide with the UNIX SRR Checklist with the following: F - Finding, N/F - Not A Finding, N/A - Not Applicable, MR - Manual Review, or NR - Not Reviewed, which can be filled in Section 2.

The UNIX Security Checklist is composed of three major sections and five appendices. The major sections within this checklist are sections 2 and 3. Section 2, the 'SRR Results Report', is comprised of a matrix that allows the reviewer to manually document vulnerabilities discovered during the Security Readiness Review (SRR). Section 3, 'System Check Procedures', documents procedures to instruct reviewers about how to manually perform the SRR for each specific PDI.

Not Available.

Developped for the DOD.
This document is intended for IAOs, SAs, IAMs, NSOs, and others who are responsible for the configuration, management, or support of information systems. It assumes that the reader has knowledge of the UNIX operating system and is familiar with common computer terminology.

Enterprise and Specialized Security-Limited Functionality.

The scripts need to be unzipped (Windows) or untarred/uncompressed (Unix) and/or copied to the host system (Windows, Unix copy commands).

The scripts create temporary files. These files are removed at the completion of the script.

Not Available.

Not Available.

DOD Directive 8500.

Please refer to the Checklist or the README.txt files provided with the scripts for any comments, warnings, or detailed instructions.

Not Available.

It should be noted that FSO Support for the STIGs, Checklists, and Tools is only available to DOD Customers.

Defense Information Systems Agency

Not Available.

Not Available.

Not Available.

http://iase.disa.mil/stigs/checklist/index.html

http://iase.disa.mil/stigs/checklist/
Unix-Checklist-V5R1-20070515.zip

SHA1 Digest
(Unix-Checklist-V5R1-20070515.zip) =
e038e6118a4506ad7c2a2c908b1d80fc46485363

SHA256 Digest
(Unix-Checklist-V5R1-20070515.zip) =
1c6b579751a0a7b6a5fceb280a3de08537b546442
6eb223f74802b9fa671f3e7

Version 4, Release 4: 2005-12-15
Version 4, Release 4: 2005-07-15
Version 4, Release 4: 2006-04-15
Version 5, Release 1: 2006-09-15
Version 5, Release 1: 2006-11-15
Version 5, Release 1: 2007-01-15
Version 5, Release 1: 2007-03-15
Version 5, Release 1: 2007-05-15

UNIX Security Technical Implementation Guide, v5 Release 1

The following table enumerates the document consulted:

UNIX Security Technical Implementation Guide, V5R2. Field Security Operations (FSO)/Defense Information Systems Agency (DISA)., 4 April 2006

Department of Defense Instruction 8500.2 - ASD(31), 06 February 2003

1078