AIX Security Expert Check Security

AIX® Security Expert can generate reports of current system and network security settings.

After AIX Security Expert (aixpert command) is used to configure a system, the Check Security option can be used to report the various configuration settings. If any of these settings have been changed outside the control of AIX Security Expert, the AIX Security Expert Check Security option logs these differences in the /etc/security/aixpert/check_report.txt file.

For example, the talkd daemon is disabled in /etc/inetd.conf when you apply Low Level Security. If the talkd daemon is later enabled and then Check Security is run, this information will be logged in the check_report.txt file as follows:

    coninetdconf.ksh: Service talk using protocol udp should be disabled, however it is enabled now.

If the applied security settings have not been changed, the check_report.txt file will be empty.

The Check Security option should be run periodically and the resulting report should be reviewed to see if any settings have been changed since AIX Security Expert security settings were applied. The Check Security option should also be run as part of any major system change such as the installation or updating of software.
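
One way to script the periodic review described above, as an added example that is not part of the IBM documentation: it summarises check_report.txt per rule script and keeps a missing report distinct from an empty one. The function names and the "script: message" line format are assumptions drawn from the single sample line on this page; `aixpert -c` is the command-line form of Check Security.

```shell
#!/bin/sh
# Added example (not IBM code): summarise drift recorded by Check Security.
# Assumption: each report line is "<rule script>: <message>", as in the
# one sample line shown on the page.

REPORT=/etc/security/aixpert/check_report.txt   # path given on the page

# summarize_drift FILE
#   prints "<count> <rule script>" for every script that logged a difference
#   returns 0 = report empty (no drift), 1 = drift found, 2 = report missing
summarize_drift() {
    report=$1
    # A missing report means the check never ran; do not count it as clean.
    if [ ! -f "$report" ]; then
        echo "check report not found: $report" >&2
        return 2
    fi
    # An empty (or blank-only) report means the applied settings are unchanged.
    if ! grep -q '[^[:space:]]' "$report"; then
        return 0
    fi
    awk -F': ' 'NF > 1 { n[$1]++ }
                NF <= 1 && /[^[:space:]]/ { n["(unparsed)"]++ }
                END { for (s in n) print n[s], s }' "$report" | sort -k2
    return 1
}

# run_check: run Check Security on the AIX host (as root), then summarise.
run_check() {
    aixpert -c
    summarize_drift "$REPORT"
}

# demo: same summary over a constructed report, runnable on any system.
demo() {
    tmp=/tmp/check_report.demo.$$
    # Constructed sample: the page's line plus one constructed variant.
    printf '%s\n' \
      'coninetdconf.ksh: Service talk using protocol udp should be disabled, however it is enabled now.' \
      'coninetdconf.ksh: Service ntalk using protocol udp should be disabled, however it is enabled now.' \
      > "$tmp"
    summarize_drift "$tmp"; rc=$?
    rm -f "$tmp"
    return "$rc"
}

case "${1:-}" in
    --demo) demo ;;
    --run)  run_check ;;
esac
```

Run with `--run` from cron or a change-management hook and alert on any non-zero exit status; status 2 indicates the check itself did not produce a report.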