← Back to IBM AIX 7.x Security Technical Implementation Guide

V-215407

CAT II (Medium)

In the event of a system failure, AIX must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.

Rule ID

SV-215407r991562_rule

STIG

IBM AIX 7.x Security Technical Implementation Guide

Version

V3R2

CCIs

CCI-001665

Discussion

Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving operating system state information helps to facilitate operating system restart and return to the operational mode of the organization with least disruption to mission/business processes.

Check Content

To display the current dump device settings enter the following command:
#sysdumpdev -l
 
primary              /dev/lg_dumplv
secondary            /dev/sysdumpnull
copy directory       /var/adm/ras
forced copy flag     TRUE
always allow dump    FALSE
dump compression     ON
type of dump         fw-assisted
full memory dump     disallow

If the primary device and copy directory is not configured, this is a finding.

Fix Text

The "sysdumpdev" command should be used to configure dump device.

#sysdumpdev -p "Primary dump device"
#sysdumpdev -d  <directory>

Note: The "-d <directory> " specifies the directory the device is copied to at boot time.