Script for auditing AIX systems in C, Ansi-style
The program incorporates, among others, remote SSH2 login for querying and running the script/commands (even, the program allows entering the 'root' password for running commands that requires that privilege), and a MySQL schema for reading/storing controls & procedures1, for instance:
- Login Control: Setting up login controls, Securing unattended terminals, Enabling automatic logoff, among others.
- Users, groups, and passwords: Root account, Recommended user attributes, Setting recommended password options, among others.
- Securing the network: TCP/IP command security, Remote command execution access, among others.
- Network services: Identifying network services with open communication ports, Identifying TCP and UDP sockets, among others.
- AIX Security Expert: SOX-COBIT compliance checking, audit, and pre-audit feature, AIX Security Expert User Group System and Password definitions group, among others.
If you are interested in this, as well, in other systems/plattforms (Cybersecurity, Oracle, MySQL, SAP HANA, among others), pls, contact me! (luis.alfie@gmail.com)
1 based on https://www.ibm.com/docs/en/aix/7.2?topic=security, incoporate more than 30 controls, and 85 testings; and can be run under two modes: basic and full.
