AIX

  • 1.  AIX Security Expert Settings question

    Posted Tue June 22, 2010 04:49 PM

    Originally posted by: mshepherd


    I am trying to decipher what the settings mean. I am looking at this page: http://publib.boulder.ibm.com/infocenter/pseries/v5r3/topic/com.ibm.aix.security/doc/security/aix_sec_expert.htm

    As an example, the setting for /etc/rc.tcpip "Disable routing daemon" says that the settings are as follows.
    AIX Default: Yes
    Low: No effect
    Medium: No effect
    High: Yes

    So, what is the effective setting for the Low and Medium policies? Is it "no effect" as in it is not different from the default, meaning the effective setting is that the routing daemon is disabled? Or does it mean that it is not disabled? This is not clear from the documentation, and I cannot test this out on a system.

    Thanks in advance.


  • 2.  Re: AIX Security Expert Settings question

    Posted Tue June 22, 2010 06:29 PM

    Originally posted by: shargus


    "No effect" means that AIXPert won't change it from its present setting when it runs. I do not know what will happen when you do a "check" (i.e. aixpert -c), but I suspect it will not check it, either. Take a look at the code - it's mostly shell scripts in /etc/security/aixpert/bin.

    I strongly recommend testing the settings on some kind of test machine. I have found a number of unexpected things happen after using aixpert to secure a server. For example, we want the maximum password age set for most accounts, but not all. Aixpert sets all accounts across the board. This had the effect of locking out accounts used internally by applications.

    What I've had to do was start with the "high" security setting, then take the resulting template and make manual changes to it (remove items we didn't want secured, add new items, etc.). We then followed up with scripts to do the final fine-tuning.